Load Balanser

A dual wan setup allows you to increase your internet bandwidth. You can load balance traffic as per your needs. You can get internet connection redundancy and failover. If one connection goes down your traffic will be routed automatically to a backup connection. Requirements

Two internet connections from two different ISPs. You can mix-match ADSL/FTTH/4G LTE/Cable/T1/FIOS connection as per your needs.

  • DefenseBolt router with three network ports (NICS).
  • Two ISP modems with network port (NIC)
  • Static or dynamic IPs from ISPs
  • Monitor IP # 1 for ISP # 1 – 8.8.8.8(google dns IP)
  • Monitor IP # 2 for ISP # 2 – 208.69.38.205 (opendns IP)
../_images/image1.jpg
  • I have two ISP modems+routers with dynamic IP address assigned.
  • You need to connect each modem with DefenseBolt using an Ethernet connection.
  • You need to connect a network switchto DefenseBolt using an Ethernet connection.

All systems/servers/printers/wifi on LAN uses 172.16.1.254/24 subnet with 172.16.1.254 as a default gateway.

Configuration

Before starting, make sure all of the WAN-type interfaces are enabled with static IP WANs and with a gateway set as described above.

Configure DefenseBolt LAN interface

Open DefenseBolt web interface using http://172.16.1.254/ > Interfaces > LANand set it as.

../_images/image2.jpg

Configure DefenseBolt wan01 interface (ADSL ISP #1)

Open DefenseBolt web interface using http://172.16.1.254/ > Interfaces > WAN 01 and set it as.

../_images/image3.jpg

Now the first WAN interface configuredwith a Static IP from the Interfaces menu. If you want you can set type to DHCP depending on your ISP 1 modem settings. Next make sure the gateway IP responds to ping to confirm that WAN 1 is actually online and working before proceeding. You can do this from DefenseBolt itself by visiting Diagnostics > Ping

../_images/image4.jpg

Configure DefenseBolt wan02 interface (ADSL ISP #2)

Open DefenseBolt web interface using http://172.16.1.254/ > Interfaces > WAN 02 and set it as

../_images/image5.jpg

Now the second WAN interface configured with a Static IP from the Interfacesmenu. If you want you can set type toDHCP depending on your ISP 2 modem settings. Next make sure the gateway IP responds to ping to confirm that WAN 2is actually online and working beforeproceeding. You can do this from DefensseBolt itself by visiting Diagnostics > Ping

../_images/image6.jpg

Confirm both gateways are online

Once both gateways have been defined, visit Status > Gateways

../_images/image7.jpg

If they’re green, the connection to the gateway is OK and you need to configure monitor IP.

Configure monitor IP for each gateway

Visit System > Routing > Select Gateways tab and you will see a screen as follows with private IP set as monitor IP for each gateway:

../_images/image8.jpg

Click on edit gateway icon (button) for wan_adsl2_l1GW (default) and setmonitor IP to 8.8.8.8:

../_images/image91.jpg

Next, click on edit gateway icon (button) for WAN_ADSL2_L2 (ADSL ISP # 2) and set monitor IP to 208.69.38.205:

../_images/image101.jpg

The gateway configuration has been changed. The changes must be applied for them to take effect. So click on the Apply Changes button.

../_images/image111.jpg

Configuring dual WAN link load balancer

Finally, you are ready to configure the DefenseBolt as a Load Balancer by visiting System > Routing > Select the Gateway Groups > Click the Add button:

../_images/image121.jpg
  • Set Group Name to “WanLoadBalancer“.
  • Set Gateway Priority for both gateways to “Tier 1“. Please note that when two gateways are on the same tier (e.g. Tier 1), they will load balance.This means that on a per-connection basis, connections are routed over each WAN in a round-robin manner. If any gateway on the same tier goes down, it is removed from use and the other gateways on the tier continue to operate normally.
  • Set Trigger Level to “Memberdown“.
  • Set Description to “My Dual ADSL Wan Link Load Balancer“
  • Finally click the Save > Apply Changes button.

Configuring link fail over

Next, configure the DefenseBolt as a failover for wan connections by visiting System > Routing > Select the Gateway Groups > Click the Add button:

../_images/image131.jpg

When two gateways are on different tiers, the lower tier gateway(s) are preferred. If a lower tier gateway goes down, it is removed from use and the next highest tier gateway is used. This is how failover works on DefenseBolt. So to set link failover for ADSL 1:

  • Set Group Name to “ADSLLinkFailover2“
  • Set Gateway Priority wan_adsl2_l1GW (ISP 1) to “Tier 1“
  • Set Gateway Priority wan_adsl2_l2GW (ISP 2) to “Tier 2“
  • Set Trigger Level to “Member down“
  • Set Description to “Link failover for ADSL 1“

Set link failover for ADSL 2 as follows and swap Gateway Priority:

../_images/image141.jpg

Finally click the Save > Apply Changes button to finish the LB and failover gateway configuration.

Configuring the firewall rules for load balancer

You need to pass traffic to these LBs using the Gateway setting on firewall rules. Click on Firewall > Rules > Lan > Add and set it as follows:

../_images/image151.jpg

Click on the Display advanced button > scroll down > find Gateway optionand set it to WanLoadBalancer:

../_images/image16.jpg

Click the Save > Apply Changes button to save firewall rules.

Configuring the firewall rules for failover

You need to pass traffic to these failover gateways using the Gateway setting on firewall rules. Click on Firewall > Rules > Lan > Add and set it as follows:

../_images/image17.jpg

Click on the Display advanced button > scroll down > find Gateway optionand set it to ADSLLinkFailover1:

../_images/image18.jpg

Click the Save > Apply Changes button to save firewall rules. Repeat thefirewall rule for ADSLLinkFailover2.