EdgeRouter - WAN Load-Balancing
Overview
This article demonstrates how the EdgeRouter WAN Load-Balancing feature works and provides a manual configuration example.
- This feature allows the router to intelligently balance outgoing traffic using multiple WAN interfaces.
- Applicable to the latest EdgeOS firmware on all EdgeRouter models.
- The latest EdgeOS firmware can be downloaded from the EdgeRouter Downloads page.
Table of Contents
- Frequently Asked Questions (FAQ)
- Using the Load-Balancing Wizard
- Manual Configuration Example
- Additional Load-Balancing Options
- Troubleshooting
- Related Articles
Frequently Asked Questions (FAQ)
What is the minimal EdgeOS firmware version that supports Load-Balancing?
The Load-Balancing feature was introduced in EdgeOS firmware version v1.4.0. |
How many WAN interfaces can be used for Load-Balancing?
|
Using the Load-Balancing Wizard
WAN Load-Balancing uses the following configuration options:
WAN Interfaces
Defined in the load-balance section with optional criteria such as failover, weight and ping-targets.Firewall Policy
Defined in the firewall section using Load-Balancing exclusions and modify rules for matching traffic.LAN interface(s)
Defined in the interface section and applied to the LAN interface(s) in the ingress (in) direction.
Using WAN Load-Balancing, traffic sessions from the LAN clients are balanced across the WAN ports.
The EdgeRouter configuration wizard provides a quick and easy setup of the Load-Balancing feature:
1. Navigate to the Wizards tab to configure the Load-Balancing feature.
Wizards > Setup Wizards > Load Balancing
2. Choose which WAN interfaces will be used in the setup and define the Internet connection types.
First Internet port
Port: eth0
Internet connection type: DHCP / Static / PPPoE
Firewall: Enable the default firewall (checked)
Second Internet port
Port: eth1
Internet connection type: DHCP / Static / PPPoE
Firewall: Enable the default firewall (checked)
Failover Only: -
LAN port
Port: eth3
Address: 192.168.1.1 / 255.255.255.0
DHCP: Enable the DHCP server (checked)
3. Apply the changes and reboot the device when prompted.
Manual Configuration Example
It is recommended to use the wizard in the Web UI to automatically configure all of the different Load-Balancing options. The configuration example below shows how to manually configure the previous section using the command line.
1. Enter Configuration mode.
configure
2. Create a firewall network group specifying the private IP address ranges.
set firewall group network-group PRIVATE_NETS network 192.168.0.0/16
set firewall group network-group PRIVATE_NETS network 172.16.0.0/12
set firewall group network-group PRIVATE_NETS network 10.0.0.0/8
3. Create a firewall modify policy with exclusion rules for the WAN interface addresses and the network group created earlier.
set firewall modify balance rule 10 action modify
set firewall modify balance rule 10 destination group network-group PRIVATE_NETS
set firewall modify balance rule 10 modify table main
set firewall modify balance rule 20 action modify
set firewall modify balance rule 20 destination group address-group ADDRv4_eth0
set firewall modify balance rule 20 modify table main
set firewall modify balance rule 30 action modify
set firewall modify balance rule 30 destination group address-group ADDRv4_eth1
set firewall modify balance rule 30 modify table main
4. Add a firewall rule entry that sends all other traffic to a load balancing group.
set firewall modify balance rule 110 action modify
set firewall modify balance rule 110 modify lb-group G
5. Apply the firewall to the LAN interface in the ingress/in direction.
set interfaces ethernet eth3 firewall in modify balance
6. Create a Load-Balance group that includes the two WAN interfaces.
set load-balance group G interface eth0
set load-balance group G interface eth1
7. Commit the changes and save the configuration.
commit; save
Additional Load-Balancing Options
Route Test
This feature will test the connectivity of the WAN interface by sending probes (ICMP ping messages) to a predefined address.
The following options are available:
count success
Defines after how many tries the route test is considered successful before the interface changes state.count failure
Defines after how many tries the route test is considered failed before the interface changes state.initial-delay
Delay in seconds before the initial route test is started.interval
Number of seconds between pings.type
Defines whether to ping the default gateway, a custom host or use a script.
set load-balance group G interface eth0 route-test count success <nr>
set load-balance group G interface eth0 route-test count failure <nr>
set load-balance group G interface eth0 route-test initial-delay <nr>
set load-balance group G interface eth0 route-test interval <nr>
set load-balance group G interface eth0 route-test type ping target <host>
set load-balance group G interface eth0 route-test type default
set load-balance group G interface eth0 route-test type script <path>
Fail Over
Interface configured with the failover-only
option will only become active when the other WAN interface(s) fail the route test.
set load-balance group G interface eth1 failover-only
Local Load-Balancing
The lb-local
feature will also load balance the traffic from the router rather than using the main routing table.
set load-balance group G lb-local enable
Flush Conntrack Table
The flush-on-active
feature clears all connections in the conntrack table whenever a WAN transition occurs.
set load-balance group G flush-on-active enable
Local Metric Change
The lb-local-metric-change
feature automatically changes the router's default route distance and is most useful when using a failover setup.
set load-balance group G lb-local-metric-change enable
Route table
Configures the interface to use a custom routing table (valid routing table numbers are between 1-200).
set load-balance group G interface <id> route table 10
Weight
Defines the percentage of traffic that is forwarded out of each interface. The default weight ratio is 50/50.
set load-balance group G interface eth0 weight 70
set load-balance group G interface eth1 weight 30
Sticky
This option will keep traffic sessions on the same WAN interface until they are timed out. The following options are available:
dest-addr
Traffic sessions will be on the same WAN interface based on the destination address.dest-port
Traffic sessions will be on the same WAN interface based on the destination port.source-addr
Traffic sessions will be on the same WAN interface based on the source address.source-port
Traffic sessions will be on the same WAN interface based on the source port.proto
Traffic sessions will be on the same WAN interface based on the protocol.
set load-balance group G sticky dest-addr enable
set load-balance group G sticky dest-port enable
set load-balance group G sticky source-addr enable
set load-balance group G sticky source-port enable
set load-balance group G sticky proto enable
Troubleshooting
You can verify the Load-Balancing configuration and status with the following commands:
show load-balance status
show load-balance watchdog
show load-balance config
The main and Load-Balancing routing tables can be displayed with the commands below:
show ip route
show ip route table 201
show ip route table 202
Related Articles
EdgeRouter - Which EdgeRouter Should I Use?
EdgeRouter - Beginners Guide to EdgeRouter
Intro to Networking - How to Establish a Connection Using SSH