GL-MT6000 (Flint 2) Load Balance help

Routers
5

Good morning,

After requesting help here about assigning one ISP to certain devices and a second ISP to others, I’m sharing my experience, which might be useful to someone else in the future. After many hours of discussing the MWAN3 topic with my friend ChatGPT, I finally achieved the result I wanted albeit in a different way but it works, and that’s what matters.

I’d like to thank @bruce for pointing me toward the MWAN3 (Multi-WAN load balancing/failover) documentation.

MWAN3 Multi-WAN Configuration on Flint2 Router (GL-MT6000) / LuCI Console

I configured MWAN3 on my Flint2 router (GL-MT6000) to meet the following goals:

  1. Specific Devices use a dedicated ISP (LigaT 1Gbps).
  2. All Other Devices default to another ISP (Vodafone 1Gbps).
  3. Failover: If the primary ISP fails, traffic is automatically routed to the backup ISP.

Network Overview

  • LAN Subnet: 192.168.8.0/24
  • Primary ISP (Vodafone): Interface wan, Gateway 192.168.1.1
  • Secondary ISP (LigaT): Interface secondwan, Gateway 192.168.2.1

Configuration Files

  1. MWAN3 Configuration
    The MWAN3 setup defines the policies, rules, and failover behavior.

cat /etc/config/mwan3
Key Points:

  1. Interfaces:
    • wan for Vodafone (default).
    • secondwan for LigaT.
  2. Policies:
    • LigaT: Routes traffic exclusively through secondwan.
    • default_poli: Routes traffic through wan by default.
  3. Rules:
    • Traffic from 192.168.8.10 is assigned to the LigaT policy.
    • All other traffic follows the default_poli.

Snippet:
config policy 'LigaT'
option last_resort 'default'
list use_member 'secondwan_only'

config rule 'LigaT_rule'
option src_ip '192.168.8.10'
option dest_ip '0.0.0.0/0'
option use_policy 'LigaT'

config rule 'default_rule'
option dest_ip '0.0.0.0/0'
option use_policy 'default_poli'

2. Network Configuration
The interfaces for the WAN connections are defined as follows:

cat /etc/config/network
Snippet:
config interface 'wan'
option device 'eth1'
option proto 'dhcp'
option metric '1'

config interface 'secondwan'
option device 'lan1'
option proto 'dhcp'
option metric '2'

  • wan (Vodafone) has a lower metric (1), making it the preferred interface.
  • secondwan (LigaT) has a higher metric (2), acting as a backup for failover.

3. Firewall Configuration
The firewall zones are configured to allow traffic forwarding from the LAN to both WAN interfaces.

cat /etc/config/firewall
Snippet:
config zone
option name 'wan'
list network 'wan'
list network 'secondwan'
option masq '1'
option input 'DROP'
option forward 'REJECT'

config forwarding
option src 'lan'
option dest 'wan'

Behavior

  1. Device Routing:

    • 192.168.8.10: Uses the LigaT ISP exclusively via the LigaT_rule and secondwan interface.
    • Other Devices: Use Vodafone by default through the default_poli policy.

  2. Failover:

    • If the Vodafone (WAN) connection fails, all devices fall back to the LigaT ISP via secondwan.
    • This is managed automatically by MWAN3's tracking (ping) and failover mechanisms.

Example of Interface Status:
mwan3 status
Output:
interface wan is offline and tracking is active
interface secondwan is online and tracking is active

Current ipv4 policies:
LigaT:
secondwan (100%)
default_poli:
default

Testing

  1. Failover:

    • Disconnected the Vodafone (WAN) cable.
    • Verified that traffic from all devices switched to the LigaT ISP seamlessly.

  2. Device-Specific Routing:

    • Performed traceroute and IP tests from 192.168.8.10:
      • Traffic was routed through the LigaT ISP (192.168.2.1).

  3. Restoration:

    • Reconnected the Vodafone (WAN) cable.
    • Devices returned to the default ISP (Vodafone).

Conclusion
This MWAN3 setup achieves:

  1. Device-Specific Routing: Assign specific devices to use a particular ISP.
  2. Failover: Automatic switching between ISPs when the primary connection fails.

The configuration can easily be extended to add more devices or implement load balancing if needed.

2 Likes