Sticky wireguard connection with WAN fail-over
Sticky wireguard connection with WAN fail-over
I have a configuration with 2 WAN connections. The first is a fiber optic connection, the second is a USB 4G dongle. The desire is that if there is a disruption on the primary fiber connection, all connections switch to the 4G backup line. When the primary connections become available again, all connections should switch back.
The router has a Wireguard connection to a remote pfSense installation.
When the primary connection fails (by removing the cable from the WAN port), the router switches to the 4G connection very quickly. Within 1 second, the Wireguard tunnel is also active again. When the primary connection is restored, all connections go through the primary WAN connection again, except for the Wireguard tunnel which remains active on the 4G WAN connection.
Is this a bug or do I need to adjust a configuration somewhere?
I am using the cloud controller.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi @GTiMy77
Thanks for posting in our business forum.
GTiMy77 wrote
Creating a Wireshark of the WAN interface is no problem. I will do so when I'm back on site tomorrow.
Could you please instruct me how to mirror the USB LTE modem within the router? I'm not able to select the WAN interfaces to be mirrored. I don't know any other method to capture traffic on this interface
Interesting question about the interface status. As soon as I reboot the router, both WAN and USB LTE interface are in the state connected. The USB LTE interface only goes to the disconnected state when I unplug the USB dongle. The WAN interface goes to disconnected as soon as I remove the network cable. Both quite obvious :-). Otherwise the reported state is always connected:
So set up a static routing like this.
- Copy Link
- Report Inappropriate Content
What would be the goal of making this static route?
Still I don't know how to mirror the USB LTE interface.
Kind regards.
- Copy Link
- Report Inappropriate Content
Hi @GTiMy77
Thanks for posting in our business forum.
GTiMy77 wrote
What would be the goal of making this static route?
Still I don't know how to mirror the USB LTE interface.
Kind regards.
This is to fix your problem. The dev tested it and told me that would fix it. They have successfully switched the WAN based on that static routing.
So, no need to Wireshark now.
- Copy Link
- Report Inappropriate Content
Tested and it works! That is great news.
Do you think this is considered as a work around and a fix will come in a future release? The WAN interface is a DHCP client, so IP-adresses (and default gateway) could change on that side and that would undo this implementation right.
Many thanks for the help!
Kind regards.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 1261
Replies: 14
Voters 0
No one has voted for it yet.