MIFI: Changing metric of wwan0 route, doesn't prefer over internal route

zaxxon · February 14, 2022, 4:24pm

Dear group,

Setup: gl-mifi, running 3.211

Use-Case: monitoring probe, periodically checking whether my internet access is alive and all my hosts in my network are up and running.

Customisation: opened WAN (eth0) so I can ssh in. I don’t want to connect LAN (eth1) to my actual LAN because I already have a DHCP server running. I also want to keep the LAN port and wlan0/access point running as-is so I have a backdoor if I misconfigure something

What I want:

The mifi checks whether the firewall (another host on the network) still sees the internet. So the internal connection towards the firewall might still be up, but the mifi (and the rest of the network) cannot reach the internet. If this is the case, the LTE modem should be brought up (enabling some further tests and magic).

What I did:

Initially, the routing table (ip route list. if you prefer route -n, I can amend) looks like this:

default via 10.0.20.1 dev eth0 proto static src 10.0.20.88 metric 10
10.0.20.0/24 dev eth0 proto static scope link metric 10
192.168.8.0/24 dev br-lan proto kernel scope link src 192.168.8.1

When I fire up the modem, it looks like this:

default via 10.0.20.1 dev eth0 proto static src 10.0.20.88 metric 10
default via 10.24.57.196 dev wwan0 proto static src 10.24.57.195 metric 40
10.0.20.0/24 dev eth0 proto static scope link metric 10
10.24.57.192/29 dev wwan0 proto static scope link metric 40
192.168.8.0/24 dev br-lan proto kernel scope link src 192.168.8.1

So the default route over the internal interface still takes precedence. I found out how to lower the metric for a route:

ip route del 0.0.0.0/0.0.0.0 via <GW IP>
ip route add 0.0.0.0/0.0.0.0 via <GW IP> metric <new metric> proto static src <OUTGOING IP>

So the routing table looks like this:

default via 10.24.57.196 dev wwan0 proto static src 10.24.57.195 metric 5
default via 10.0.20.1 dev eth0 proto static src 10.0.20.88 metric 10
10.0.20.0/24 dev eth0 proto static scope link metric 10
10.24.57.192/29 dev wwan0 proto static scope link metric 40
192.168.8.0/24 dev br-lan proto kernel scope link src 192.168.8.1

But: Packets don’t flow over the LTE interface.

If I ping with ping -I , I get answers. If I ping without the source interface, the packets don’t get routed according to the routing table.

I also tried increasing the metric of the route via eth0, it did not help, same effect.

What other nerd-knob do I have to twist? Or is there some hidden daemon that needs to be poked when I fiddle with the routing table?

Thanks a lot

Simon

luochongjun · February 15, 2022, 3:49am

Looks like you need a network backup, why not consider MWAN3。

zaxxon · February 15, 2022, 9:43am

Thanks for the hint. so there is a hidden daemon lurking.

While fiddling with the mwan3 config seems excessive at the moment, thanks to your input I found the advanced config for the WAN interface where I could increase the metric to 50. This will make the route through the modem (metric 40, don’t find a field to change that) take precedence.

This is good enough for the moment.

I’m still confused what changing the routing table directly doesn’t work. But I don’t have to understand everything

Edit: I also had to disable mwan3 in luci → system → startup otherwise it would interfere. Now the box behaves more like a real-ish router.