because of changing interface metrics dns requests are no longer tunnelled but go directly through wan interface, i've read wiki and there are possible solutions mentioned.
how to configure Option 3: Create user rules for traffic destined to "private" DNS servers to only exit the correct interface? with dns set on client devices all is fine except that i need dns ad filtering on router
Topic: mwan3; multi-wan policy routing (general topic)
The content of this topic has been archived between 22 May 2013 and 6 May 2018. Unfortunately there are posts – most likely complete pages – missing.
mwan rules are configured and working. if i set dns 208.67.222.222 on my notebook dns requests go through l2tp tunnel, but if i set dns to 192.168.1.1 dns requests go through wan
i need dnsmasq to forward dns requests through l2tp tunnel not through wan interface. maybe "user rules" refer to iptables? or dnsmasq configuration?
No it refers to mwan3 rules which is why I linked you the instructions on creating mwan3 rules.
mwan3 rules also apply to router generated traffic. If you create a mwan3 rule for 208.67.222.222, it should work for lan clients as well as the router itself. If it does not work in your situation, we need to figure out why.
dns requests are sent from 10.2.0.75 regardless of wlan interface i'm connected to
The solution is a two parter. The first part is simple. First create a mwan3 rule for dns. If you add this dns rule below your current mwan3 rules your router will use all the l2tp interfaces for dns lookup.
config rule 'dns'
        option dest_ip '208.67.222.222,208.67.220.220'
        option proto 'all'
        option use_policy 'balanced'
However mwan3 has no control over which source address is going to be used on the packets. That is completely in the hands of the kernel or application. You may need to nat this for this to work.
But i can suggest an alternative. I will assume here that all three l2tp connections traverse over your wwan interface. If you remove the option gateway from wwan interface and replace it with just simple static routes to the xxx.xxx.xxx.xxx server(s), all your dns requests from the router will now have the source ip address of the interface with the lowest gateway metric (in your case l2tp).
hello i hope someone can point me on what to do here:
current setup is openwrt with three wan
wan1 adsl line with metric 10
wan2 wifi line with metric 20
i have this working with mwan loadbalancing fine
now to this i added my usb dongle as interface wwan where i can't set metric because it uses some weird qmi protocol i can use ip route and remove default route and add metric but that's beside the point because
i don't want to pass traffic on the wwan0 (usb-dongle) i want to run a openvpn tunnel over wwan0 and then loadbalance that tunnel
i defined a tun0 interface as wan3 and set the openvpn client config with metric 30
so currently wan adsl metric 10
wan2 wifi metric 20
wan3 tun0 interface metric 30
how to make the openvpn tunnel run only on the wwan0 interface ? the tunnel has to be on the wwan0 interface not the other interface
the routing table two default router from the
default 192.168.0.1 10 eth1
default 192.168.2.1 20 wlan0
default *.*.*.*.* wwan0 (can't set metric in luci or network config, it uses a qmi protocol from Qualcomm)
so my question is how to make the tunnel interface send the openvpn connect on tcp protocol only on the wwan0 interface and set up a tunnel endpoint. i already set the config to set the appropriate metric of the tunnel interface and the ip in the client config. i want to know how to send the tcp connection only on a specific interface with the routing table above
(Last edited by miliford on 19 Feb 2015, 20:16)
Hi miliford,
Your solution sounds perfectly doable. Just go ahead and if you run into something i will try to help. Basically you do what you already said yourself. Create the 4 interfaces in network config: adsl, wifi, usb-dongle and openvpn. Create a static route to openvpn gateway over usb-dongle. Create three default routes for adsl, wifi and openvpn. Create mwan3 interfaces for those default routes and you are good to go.
Good luck!
(Last edited by Adze on 19 Feb 2015, 20:17)
Let's assume here that your openvpn gateway has ip address 1.1.1.1. What i would do is remove default route from usb-dongle (wwan0) and add a static route: 1.1.1.1/32 via wwan0. Then the tunnel will always be set up over wwan0.
(Last edited by Adze on 19 Feb 2015, 20:21)
will try it out thanks for your reply
just for kicks i am doing this because i noticed that the 4g provider that i'm using allows udp 53 and 9201 to be unfiltered and unmetered. the unfiltered part is interesting because i am not registered to any plans or have any balance and still their firewall allows a udp packet to any host in the internet, so a udp tunnel with openvpn protocol is free 4g internet
udp 9201 is used by the old wap protocol so that is also left unfiltered but they do filter protocol so openvpn does not work other ssl-vpn like softether over udp 9201 or even another transport entirely like http://en.wikipedia.org/wiki/Datagram_C … l_Protocol works provided you can find a protocol that uses that transport, pdproxy uses a custom one also not a custom transport
(Last edited by miliford on 19 Feb 2015, 20:32)
Nice. Would you mind sharing which provider that is? And while udp9201 does not work, does OpenVPN over udp53 work?
udp 53 has the most chance of working because the idiot network admins who set the firewall, i think, face a conflict: they have to allow dns resolution to the provider's page to notify them to recharge. they could just configure the firewall to only allow udp packets to their dns servers and none of the outside ones, but i guess none of the admins thought that was a bad idea. instead i noticed most opting for a protocol filter over these open ports. this is also a horrible idea because you can even create a tunnel with dns over 53 using the iodined tool, which works both in relay (using the provider's nameserver) or directly using a nameserver that you provide. in relay mode (talking to the isp nameservers, speed with null queries is crap, 20 kb at max), but if you're lucky like me and can access any server on the internet you're talking maximum speeds of the endpoint in the tunnel
the provider is an asian one; if you live in asia (middle-east) tell me, i can pm you (hoping for it to last lol)
the iodined tool http://code.kryo.se/iodine/README.html
(Last edited by miliford on 19 Feb 2015, 20:59)
hey so i set it up correctly with two interface the wan and wwan ---tun0 tunnel and can ping fine but am not able to loadbalance
the mwan3 luci page show wan2 (tun0) down because it can't ping the gateway it's a point to point link but like i said i can ping through tun0 the tracking ip and anything on the internet both interface are pingable
is there anything special to do with mwan3 if one of the wan is virtual tun0 point to point link there
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.6 P-t-P:10.8.0.5 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:10 errors:0 dropped:0 overruns:0 frame:0
TX packets:23 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:840 (840.0 B) TX bytes:1932 (1.8 KiB)
i don't know how exactly point to point links work the openvpn server gateway is 10.0.0.1 but all the routes are for 10.0.0.5 and it works all traffic goes fine through the tun0 interface just want to make it load balance
root@OpenWrt:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 10.8.0.5 128.0.0.0 UG 20 0 0 tun0
default 192.168.0.1 0.0.0.0 UG 10 0 0 eth1
10.8.0.1 10.8.0.5 255.255.255.255 UGH 0 0 0 tun0
10.8.0.5 * 255.255.255.255 UH 0 0 0 tun0
vpspublicip wwan0gateway 255.255.255.255 UGH 0 0 0 wwan0
128.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
wwan0ip * 255.255.255.224 U 0 0 0 wwan0
192.168.0.0 * 255.255.255.0 U 10 0 0 eth1
192.168.1.0 * 255.255.255.0 U 0 0 0 br-lan
mwan3 is left unchanged
wan is eth1
wan2 is tun0
and mwan is default for wan and wan2
i have to mention this is how openvpn configures the tun0 adapter, i only assigned metrics. for what it's worth i can't ping 10.0.0.5 because their server is 10.0.0.1. again this is something that has to do with point to point connection?
(Last edited by miliford on 20 Feb 2015, 12:54)
You have to remove the two more specific openvpn routes:
default 10.8.0.5 128.0.0.0 UG 20 0 0 tun0
128.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
And replace them with a real default route. There is more info on this in this thread.
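The check behind this reply, as an added example that is not part of the original thread: a shell function that reads "route" output and reports interfaces that carry only the two half-default routes (0.0.0.0/1 and 128.0.0.0/1, the pair OpenVPN's "redirect-gateway def1" installs) and no real 0.0.0.0/0 route. The function names are made up for this example; the sample table is the one miliford posted, placeholders included.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# Routing table as posted above (placeholders kept as the poster wrote them).
sample_routes() {
    cat <<'EOF'
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 10.8.0.5 128.0.0.0 UG 20 0 0 tun0
default 192.168.0.1 0.0.0.0 UG 10 0 0 eth1
10.8.0.1 10.8.0.5 255.255.255.255 UGH 0 0 0 tun0
10.8.0.5 * 255.255.255.255 UH 0 0 0 tun0
vpspublicip wwan0gateway 255.255.255.255 UGH 0 0 0 wwan0
128.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
wwan0ip * 255.255.255.224 U 0 0 0 wwan0
192.168.0.0 * 255.255.255.0 U 10 0 0 eth1
192.168.1.0 * 255.255.255.0 U 0 0 0 br-lan
EOF
}

# classify_routes: reads `route` or `route -n` text on stdin, prints
#   "default <iface> <gateway> <metric>"  for a real 0.0.0.0/0 route
#   "half <iface> <gateway>"              for an iface holding both /1 halves
classify_routes() {
    awk '
        # Skip headers and anything that is not a full route row.
        NF < 8 || $1 == "Kernel" || $1 == "Destination" { next }
        {
            # `route` without -n prints destination 0.0.0.0 as "default",
            # even when the genmask is 128.0.0.0.
            dest = ($1 == "default") ? "0.0.0.0" : $1
            gw = $2; mask = $3; metric = $5; iface = $NF
            if (dest == "0.0.0.0" && mask == "0.0.0.0")
                print "default", iface, gw, metric
            else if (dest == "0.0.0.0" && mask == "128.0.0.0")
                low[iface] = gw
            else if (dest == "128.0.0.0" && mask == "128.0.0.0")
                high[iface] = gw
        }
        END { for (i in low) if (i in high) print "half", i, low[i] }
    '
}

# ifaces_missing_default: interfaces that have the two /1 routes but no
# real default route, i.e. the ones whose routes need replacing.
ifaces_missing_default() {
    classify_routes | awk '
        $1 == "default" { has[$2] = 1 }
        $1 == "half"    { half[$2] = 1 }
        END { for (i in half) if (!(i in has)) print i }
    '
}

sample_routes | ifaces_missing_default
```

On the router itself, pipe the live table in instead: route -n | ifaces_missing_default. The /1 routes are more specific than 0.0.0.0/0, so they win over eth1's default regardless of the metrics assigned.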
Hello everybody,
I have 2 wireless which i need combining to speed up (download). So i get 2 routers, one is Wzr-hp-ag300H(R1) and one is TL-MR3420(R2) with openWrt firmware.
At R2, i config it as a Client of a wireless and R2 is a client of another. Then, I install Mwan3 on R2, and it worked fine. But, when i access speedtest.net to test this combination, it's not fine. The total speed is very slow, not equal each line.
This is MWAN Detailed Status
Interface status:
Interface wan is online (tracking active)
Interface wan2 is online (tracking active)
Policy balanced:
wan2 (40%)
wan (60%)
Policy wan2_only:
wan2 (100%)
Policy wan2_wan:
wan2 (100%)
Policy wan_only:
wan (100%)
Policy wan_wan2:
wan (100%)
Known networks:
destination policy hits
-----------------------------------------------
127.0.0.0/8 default 0
224.0.0.0/3 default 0
192.168.1.0/24 default 11213
192.168.3.0/24 default 19457
192.168.6.0/24 default 954
127.0.0.0 default 0
127.0.0.0/8 default 0
127.0.0.1 default 0
127.255.255.255 default 0
192.168.1.0 default 0
192.168.1.54 default 11211
192.168.1.255 default 0
192.168.3.0 default 0
192.168.3.214 default 19403
192.168.3.255 default 0
192.168.6.0 default 0
192.168.6.1 default 430
192.168.6.255 default 0
Active rules:
source destination proto src-port dest-port policy hits
--------------------------------------------------------------------------------------------------
0.0.0.0/0.0.0.1 0.0.0.0/0 tcp 0:65535 443 wan_wan2 0
0.0.0.1/0.0.0.1 0.0.0.0/0 tcp 0:65535 443 wan2_wan 2
0.0.0.0/0 0.0.0.0/0 all balanced 281
This is combination: This time maybe lucky, last time the download only 500kBps
This is R1
This is W2
(Last edited by thelovemyth on 23 Feb 2015, 10:53)
Please read the wiki:
http://wiki.openwrt.org/doc/howto/mwan3 … cing_works
Thanks arfett, i read it. But i saw on youtube, people test load balancing by speedtest.net like me!
https://www.youtube.com/watch?v=4wGJAby6dmM
Sometimes the combination have slower than single connection. Or if i use 2 wireless card and software Connectify Dispatch, i will have better result.
This is i use Connectify Dispatch.
I saw the different between 2 way, is it right ?
(Last edited by thelovemyth on 23 Feb 2015, 12:05)
The total speed of combined interfaces when using mwan3 with speedtest may vary. Some test servers use multiple concurrent connections, where you will see an increase in down- and upload speeds. Some test servers only use one connection. In this last case your max speed will be that of one interface.
The fact that you sometimes see 500kb or less would suggest other problems, like interference, speed-duplex issues or connection tracking issues. Try to find the problem by ruling out factors.
(Last edited by Adze on 23 Feb 2015, 15:03)
Thanks Adze, now I think I saw the problem, but i dont know why.
When I connect directly wireless, I have maximum speed. If i use a router (have Openwrt fw inside) as Client, and i connect this router by wire, i will have slower speed. And if i connect wireless of this router, the speed slow slower...
If I have another router connect with the first router. Anyway, by wire or wireless, the speed will slower than First router's wire.
Anyone know why?
from the above pictures you have shown and based on the hardware you outlined, both being single radio routers where openwrt runs the radio in repeater mode: ap+client on one radio reduces bandwidth by a huge amount. if you still want a repeated wifi signal from both the ap i suggest you plug two wifi adapters on the usb port of each router. if a repeated signal of both wifi is not required, a single wifi adapter on the loadbalancing router would work. also set the channels appropriately to avoid interference.
(Last edited by miliford on 23 Feb 2015, 21:39)
Thanks miliford,
My English is not good enough, But i understand :
I take a router have usb port and usb wifi, I connect W1 by this usbwifi and set usbport as Wan port. After that, i get wireless W2 as Client on my router. After all, i will use mwan3 to load balancing two this wireless (W1 and W2)
Is it right?
using a usb wifi to connect to the first isp and the built in wifi radio of the router to the second isp and then you can load balance those two interfaces and get the combined throughput over Ethernet lan
if you require your own wifi then install another wifi router and connect to the lan port of the loadbalancing router
my point to all this is using a radio in repeater mode reduces bandwidth by a huge amount so independent radio links is a good idea for the best throughput
(Last edited by miliford on 27 Feb 2015, 03:46)
Cool utility guys! I'm trying to get this working with two aircards plugged into a Ubiquiti Airrouter, actually. The aircards both work - I can ping on each interface, here are cleaned ping results:
# ping 8.8.8.8 -c 1 -I 3g-umts0
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=246 time=114.748 ms
1 packets transmitted, 1 packets received, 0% packet loss
# ping 8.8.8.8 -c 1 -I eth2
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=243 time=218.783 ms
1 packets transmitted, 1 packets received, 0% packet loss
The two cards are an ATT 340U and a Sprint 341U.
Here are relevant interfaces from /etc/config/network
config interface 'wwan1'
        option auto 0
        option ifname 'eth2'
        option proto 'dhcp'
        option device '/dev/sprint1'

config interface 'umts0'
        option auto 0
        option ifname 'ppp0'
        option proto '3g'
        option service 'umts'
        option apn 'isp.cingular'
        option device '/dev/att2'
Here is relevant information for the ATT (PPP) card:
daemon.notice pppd[27492]: Connect: 3g-umts0 <--> /dev/att2
daemon.warn pppd[27492]: Could not determine remote IP address: defaulting to 10.64.64.64
daemon.notice pppd[27492]: local IP address 166.217.128.137
daemon.notice pppd[27492]: remote IP address 10.64.64.64
daemon.notice pppd[27492]: primary DNS address 209.183.33.23
daemon.notice pppd[27492]: secondary DNS address 209.183.35.23
My problem lies in the failover process. mwan3 successfully notices when I remove a card, and attempts to failover to a different card. However, there is no default route added for the interface after failover.
I don't think I can manually add a default route, because I don't know the gateway. The gateway is generally obtained via DHCP from the carrier (Sprint, ATT, etc).
Here's an illustration of the problem:
route -n with only the ATT card
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.64.64.64 0.0.0.0 UG 0 0 0 3g-umts0
10.64.64.64 0.0.0.0 255.255.255.255 UH 0 0 0 3g-umts0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan
192.168.200.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
route -n with sprint card added after ATT card has been added
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 173.152.1.97 0.0.0.0 UG 0 0 0 eth2
10.64.64.64 0.0.0.0 255.255.255.255 UH 0 0 0 3g-umts0
173.152.1.96 0.0.0.0 255.255.255.248 U 0 0 0 eth2
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan
192.168.200.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
route -n with the sprint card removed again... notice no default route. mwan3 correctly trying to use umts0, but not succeeding.
Destination Gateway Genmask Flags Metric Ref Use Iface
10.64.64.64 0.0.0.0 255.255.255.255 UH 0 0 0 3g-umts0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan
192.168.200.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
Is there a normal way to handle this problem? Any ideas? Thanks so much.
Hi jmarlin,
Configure metrics for each of your wan interfaces. See the wiki for more info.
(Last edited by Adze on 2 Mar 2015, 22:42)
Thanks Adze! I missed that because I thought it was referring to the "metric" options I defined in the members in the mwan3 configuration file... sorry about the mistake!
I will add a "metric" to my UCI interface configurations in /etc/config/network.
The wiki also refers to enabling "Use default gateway" in LuCI. Do you happen to know the UCI setting that that option sets? Is it "defaultroute"?
You shouldn't need to set anything in UCI as that is the default AFAIK.
That box is checked for me and this is my config:
config interface 'wan'
        option ifname 'eth1'
        option proto 'dhcp'
        option peerdns '0'
        option dns '8.8.8.8 8.8.4.4'
        option metric '10'
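A way to check the point raised in this exchange, as an added example that is not part of the original thread: a shell function that reads /etc/config/network text and reports, for each WAN interface named on the command line, whether it has a metric of its own. The function names are made up for this example, and the sample input is constructed by putting jmarlin's two interface sections and the 'wan' section above into one file.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# Constructed sample: jmarlin's two sections plus the 'wan' section above.
sample_network() {
    cat <<'EOF'
config interface 'wwan1'
        option auto 0
        option ifname 'eth2'
        option proto 'dhcp'
        option device '/dev/sprint1'

config interface 'umts0'
        option auto 0
        option ifname 'ppp0'
        option proto '3g'
        option service 'umts'
        option apn 'isp.cingular'
        option device '/dev/att2'

config interface 'wan'
        option ifname 'eth1'
        option proto 'dhcp'
        option peerdns '0'
        option dns '8.8.8.8 8.8.4.4'
        option metric '10'
EOF
}

# metric_report IFACE...   (UCI network config on stdin)
# Prints one line per named interface, in the order given:
#   "<iface> missing"        no 'option metric' in its section
#   "<iface> duplicate <m>"  another named interface uses the same metric
#   "<iface> ok <m>"         metric present and not shared
metric_report() {
    # Strip UCI quoting first so 'wan', "wan" and wan all compare equal.
    tr -d "\"'" | awk -v want="$*" '
        BEGIN { n = split(want, w, " ") }
        # Track which interface section we are in; other section types reset it.
        $1 == "config" { cur = ($2 == "interface") ? $3 : ""; next }
        $1 == "option" && $2 == "metric" && cur != "" { metric[cur] = $3 }
        END {
            # Count metric values only among the interfaces asked about.
            for (k = 1; k <= n; k++)
                if (w[k] in metric) seen[metric[w[k]]]++
            for (k = 1; k <= n; k++) {
                i = w[k]
                if (!(i in metric))           print i, "missing"
                else if (seen[metric[i]] > 1) print i, "duplicate", metric[i]
                else                          print i, "ok", metric[i]
            }
        }
    '
}

sample_network | metric_report wwan1 umts0 wan
```

On the router, run it against the real file: metric_report wwan1 umts0 < /etc/config/network. Both of jmarlin's interfaces come back as missing, which is the state Adze's reply asks to fix.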
Sorry, posts 1176 to 1175 are missing from our archive.