============= Load Balanser ============= A dual wan setup allows you to increase your internet bandwidth. You can load balance traffic as per your needs. You can get internet connection redundancy and failover. If one connection goes down your traffic will be routed automatically to a backup connection. Requirements Two internet connections from two different ISPs. You can mix-match ADSL/FTTH/4G LTE/Cable/T1/FIOS connection as per your needs. - DefenseBolt router with three network ports (NICS). - Two ISP modems with network port (NIC) - Static or dynamic IPs from ISPs - Monitor IP # 1 for ISP # 1 – 8.8.8.8(google dns IP) - Monitor IP # 2 for ISP # 2 – 208.69.38.205 (opendns IP) .. image:: ./loadbalanserr/image1.jpg :scale: 100% - I have two ISP modems+routers with dynamic IP address assigned. - You need to connect each modem with DefenseBolt using an Ethernet connection. - You need to connect a network switchto DefenseBolt using an Ethernet connection. All systems/servers/printers/wifi on LAN uses 172.16.1.254/24 subnet with 172.16.1.254 as a default gateway. Configuration Before starting, make sure all of the WAN-type interfaces are enabled with static IP WANs and with a gateway set as described above. **Configure DefenseBolt LAN interface** Open DefenseBolt web interface using http://172.16.1.254/ > Interfaces > LANand set it as. .. image:: ./loadbalanserr/image2.jpg :scale: 100% Configure DefenseBolt wan01 interface (ADSL ISP #1) Open DefenseBolt web interface using http://172.16.1.254/ > Interfaces > WAN 01 and set it as. .. image:: ./loadbalanserr/image3.jpg :scale: 100% Now the first WAN interface configuredwith a Static IP from the Interfaces menu. If you want you can set type to DHCP depending on your ISP 1 modem settings. Next make sure the gateway IP responds to ping to confirm that WAN 1 is actually online and working before proceeding. You can do this from DefenseBolt itself by visiting **Diagnostics > Ping** .. image:: ./loadbalanserr/image4.jpg :scale: 100% Configure DefenseBolt wan02 interface (ADSL ISP #2) Open DefenseBolt web interface using http://172.16.1.254/ > Interfaces > WAN 02 and set it as .. image:: ./loadbalanserr/image5.jpg :scale: 100% Now the second WAN interface configured with a Static IP from the Interfacesmenu. If you want you can set type toDHCP depending on your ISP 2 modem settings. Next make sure the gateway IP responds to ping to confirm that WAN 2is actually online and working beforeproceeding. You can do this from DefensseBolt itself by visiting **Diagnostics > Ping** .. image:: ./loadbalanserr/image6.jpg :scale: 100% **Confirm both gateways are online** Once both gateways have been defined, visit **Status > Gateways** .. image:: ./loadbalanserr/image7.jpg :scale: 100% If they’re green, the connection to the gateway is OK and you need to configure monitor IP. **Configure monitor IP for each gateway** Visit **System > Routing > Select Gateways** tab and you will see a screen as follows with private IP set as monitor IP for each gateway: .. image:: ./loadbalanserr/image8.jpg :scale: 100% Click on **edit gateway** icon (button) for wan_adsl2_l1GW (default) and setmonitor IP to 8.8.8.8: .. image:: ./loadbalanserr/image9.jpg :scale: 100% Next, click on edit gateway icon (button) for WAN_ADSL2_L2 (ADSL ISP # 2) and set monitor IP to 208.69.38.205: .. image:: ./loadbalanserr/image10.jpg :scale: 100% The gateway configuration has been changed. The changes must be applied for them to take effect. So click on the **Apply Changes** button. .. image:: ./loadbalanserr/image11.jpg :scale: 100% Configuring dual WAN link load balancer Finally, you are ready to configure the DefenseBolt as a Load Balancer by visiting **System > Routing** > Select the **Gateway Groups** > Click the **Add** button: .. image:: ./loadbalanserr/image12.jpg :scale: 100% - Set **Group Name** to “WanLoadBalancer“. - Set **Gateway Priority** for both gateways to “Tier 1“. Please note that when two gateways are on the same tier (e.g. Tier 1), they will load balance.This means that on a per-connection basis, connections are routed over each WAN in a round-robin manner. If any gateway on the same tier goes down, it is removed from use and the other gateways on the tier continue to operate normally. - Set **Trigger Level** to “Memberdown“. - Set **Description** to “My Dual ADSL Wan Link Load Balancer“ - Finally click the **Save > Apply Changes button.** **Configuring link fail over** Next, configure the DefenseBolt as a failover for wan connections by visiting **System > Routing** > Select the **Gateway Groups** > Click the **Add** button: .. image:: ./loadbalanserr/image13.jpg :scale: 100% When two gateways are on different tiers, the lower tier gateway(s) are preferred. If a lower tier gateway goes down, it is removed from use and the next highest tier gateway is used. This is how failover works on DefenseBolt. So to set link failover for ADSL 1: - Set **Group Name** to “ADSLLinkFailover2“ - Set **Gateway Priority** wan_adsl2_l1GW (ISP 1) to “Tier 1“ - Set **Gateway Priority** wan_adsl2_l2GW (ISP 2) to “Tier 2“ - Set **Trigger Level** to “Member down“ - Set **Description** to “Link failover for ADSL 1“ Set link failover for ADSL 2 as follows and swap Gateway Priority: .. image:: ./loadbalanserr/image14.jpg :scale: 100% Finally click the **Save > Apply Changes** button to finish the LB and failover gateway configuration. **Configuring the firewall rules for load balancer** You need to pass traffic to these LBs using the Gateway setting on firewall rules. Click on **Firewall > Rules > Lan > Add** and set it as follows: .. image:: ./loadbalanserr/image15.jpg :scale: 100% Click on the **Display advanced** button > scroll down > find Gateway optionand set it to WanLoadBalancer: .. image:: ./loadbalanserr/image16.jpg :scale: 100% Click the **Save > Apply Changes** button to save firewall rules. **Configuring the firewall rules for failover** You need to pass traffic to these failover gateways using the Gateway setting on firewall rules. Click on **Firewall > Rules > Lan > Add** and set it as follows: .. image:: ./loadbalanserr/image17.jpg :scale: 100% Click on the **Display advanced** button > scroll down > find Gateway optionand set it to ADSLLinkFailover1: .. image:: ./loadbalanserr/image18.jpg :scale: 100% Click the **Save > Apply Changes** button to save firewall rules. Repeat thefirewall rule for ADSLLinkFailover2.