newbie stuck on multi-wan

Started by opensensical, November 16, 2024, 01:19:02 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
November 16, 2024, 01:19:02 AM
Hello,
I need to add a second WAN to my new opnsense setup.
I googled the topic and also referenced https://docs.opnsense.org/manual/how-tos/multiwan.html
But all of the above assume the second WAN is already configured.
I cannot find instructions to actually add the second interface and identify it as a WAN and not a LAN.
When I go to INTERFACES > ASSIGNMENTS and add an interface, there isn't a way to identify it as a WAN.
So, how does opnsense know if the data is coming or going?
Thanks in advance.
November 16, 2024, 01:58:29 AM #1
I think I may have figured it out.
My new interface appeared under INTERFACES.
I copied all the settings from the default WAN.
I hope that works.
I would delete my post but I can't find a DELETE option.
November 17, 2024, 09:56:49 PM #2 Last Edit: November 17, 2024, 10:16:06 PM by opensensical
I was able to set up multi-wan load balance group with IPV4 only.
The first WAN is working but when I add the second, the gateway shows 100% packet loss.
The WAN2 interface shows green and proper IPs are allocated.
When I check the logs I see arpresolve: can't allocate llinfo for 192.168.100.1 on igc2.
I don't know where that IP is coming from as I have not input that anywhere.
Then I noticed an update needed to be done, so I did it, and after the reboot, the gateway came up.
I did a speed test and my upload speed was capped with the slowest of the two services.
WAN has 500/500
WAN2 has 500/10
The upload speed was 600/10
So I gained a bit on download and lost a ton on upload.
How do I fix that?
Then, I disconnected my laptop from the LAN port and connected my switch and nothing on the switch came up.
How do I fix that?
Thanks in advance.
November 17, 2024, 10:39:22 PM #3
Quote from: opensensical on November 16, 2024, 01:19:02 AM
When I go to INTERFACES > ASSIGNMENTS and add an interface, there isn't a way to identify it as a WAN.
So, how does opnsense know if the data is coming or going?
OPNsense basically doesn't differ. On any interface traffic can go in and out, as long as the rules allow it.
So what is a WAN, depends primarily on the firewall rules.

On a WAN interface you probably want to check "block private networks" if you don't need it, which again adds filter rule to block it.
And if it has an upstream gateway you have to state it in the interface settings. This adds outbound NAT rules to this interface.

QuoteI did a speed test and my upload speed was capped with the slowest of the two services.
WAN has 500/500
WAN2 has 500/10
The upload speed was 600/10
So I gained a bit on download and lost a ton on upload.
How did you configure the gateway group?

If both gateways have the same tier and weight, OPNsense just go out on any of them and the connection will stick on this gateway. If cannot use both in parallel.
If you want to prefer one line you have to set the weight accordingly.
Did you even read the "Unequal Balancing (Weight)" in the docs article you mentioned above?
November 17, 2024, 11:55:24 PM #4 Last Edit: November 18, 2024, 01:32:48 AM by opensensical
I ended up going with Failover mode to get max speeds while retaining sticky connections.
Print
Go Up Pages1
User actions