Data flow through wireguard is continuously going through on the backup Line

Data flow through wireguard is continuously going through on the backup Line

Data flow through wireguard is continuously going through on the backup Line
Data flow through wireguard is continuously going through on the backup Line
3 weeks ago - last edited 3 weeks ago
Model: ER706W  
Hardware Version: V1
Firmware Version: 1.1.2 Build 20240726 Rel.77184(4555)

Hi All !

 

I'm facing to a strange problem and looking for help or solution. 

 

ER706W - Site A:  192.168.3.0/24

ER605 - Site B:  192.168.2.0/24

 

There is a nicely working S2S Wireguard VPN between the two sites between the two Omada routers. 

 

On Site A in the ER706W WAN2 as a primary connection and it is a 1Gigabit Cable connection and there is a USB dongle in it as a backup connection which I strictly want to use and allow to have traffic flowing through only in case the Primary fails since I have two HD IP Cameras in SITE A which are continuously loading the WAN with about 30Mbit traffic to SITE B where the NVR is. 

 

Therefore:

- my Link Backup setup is set to: "Backup when any primary WAN fails  

- Since Load Balancing is a must to be enabled with a backup link I have setup Policy routing with two rules:

   - 1st Rule The Two CamerasTo be routed through ONLY WAN2

   - 2nd rule is to route anything else through WAN2 as Priority 

 

And I thought this should cover the things and also the Omada Traffic Statistics are just showing very minor traffic through the USB. 

However in reality about 25% of the traffic is flowing through the USB dongle, it's clearly visible in the USB Dongle web admin that it is continuosly utilized. Since yesterday 48Gigabyte Traffic was upload through and about 160Gb through the WAN2 connection. 

 

USB is a 4G connection with a Sim Card Pre-paid so let's say I'm buying 1Gbit traffic exactly just to be able to reach the site in case WAN2 is down and to be able to get a notiftcation through this...etc so the purpose would be to really act as a backup only. You can imagine that this 1Gb pre-paid is gone in 10 minutes if it's like that how it is now.

Now I bought 2 days unlimited to the USB to be able to test and now I can see what's happening. 

 

Somehow the wireguard connection is bypassing the policy routing, and even if I un-click Load Balancing part of the traffic is still flowing through the USB. 

Is this normal due to the different nature of Wireguard ? Or am I configuring something wrong ? It all seems like it is considered as a LAN traffic and not a routed traffic. 

 

Any advice is appreciated. 

  0      
  0      
#1
Options
1 Accepted Solution
Re:Data flow through wireguard is continuously going through on the backup Line-Solution
3 weeks ago - last edited 3 weeks ago

  @MonsterVic 

 

Update: 

 

I disconnected the USB modem waited for one new Wireguard handshake to make sure the tunnel is though the primary WAN connection and then reconnected the USB modem, and now it's quiet, not utilized at all now all traffic is going through the primary WAN connectinon.

 

During the day I have tested the Backup to check if it is working properly, I disconnected the Primary WAN, router nicely did a fallback to the USB and then I reconnected back the Primary WAN and left it since. 

Can it be that during this backup test the Wireguard tunnel made a connection through the USB and then when the WAN was back online through the WAN but the USB session somehow stayed there until now I did a disconnect - connect ? 

Stil the policy based routing which says CAMERAS only through the WAN should have worked even during the backup test and after.  

 

That's pretty strange. 

Recommended Solution
  0  
  0  
#2
Options
1 Reply
Re:Data flow through wireguard is continuously going through on the backup Line-Solution
3 weeks ago - last edited 3 weeks ago

  @MonsterVic 

 

Update: 

 

I disconnected the USB modem waited for one new Wireguard handshake to make sure the tunnel is though the primary WAN connection and then reconnected the USB modem, and now it's quiet, not utilized at all now all traffic is going through the primary WAN connectinon.

 

During the day I have tested the Backup to check if it is working properly, I disconnected the Primary WAN, router nicely did a fallback to the USB and then I reconnected back the Primary WAN and left it since. 

Can it be that during this backup test the Wireguard tunnel made a connection through the USB and then when the WAN was back online through the WAN but the USB session somehow stayed there until now I did a disconnect - connect ? 

Stil the policy based routing which says CAMERAS only through the WAN should have worked even during the backup test and after.  

 

That's pretty strange. 

Recommended Solution
  0  
  0  
#2
Options