7061 questions

8461 answers

13730 comments

10429 members

+1 vote
137 views 6 comments
by

I use the RUTX12 load balancing feature to split outbound traffic between two modems.

Here's the problem: some websites really don't like that. A lot of sites (especially banking etc.) will simply refuse to keep your session alive if your IP address changes while logged in. This means that in some cases you can't view more than one or two pages before the RUTX12 sends some requests via the other modem. The website sees your IP address has changed, thinks your session has been poisoned, and boots you off.

A solution to this is called "sticky sessions" where a load balancer routes traffic intelligently, for example keeping all requests to somehostname.com or 123.123.123.123 on the same modem for a pre-defined period (minutes, hours). 

Does the RUTX12 support this? Or is there a way to suggest this feature be implemented to the devs?

At the moment, load balancing is quite limited by this.

Thanks.

by

I have this same problem. I can't fill my tax return if load balancing is enabled laugh

rutx12 is running a modified openwrt so I tried to enable the sticky connections setting from their manual

https://openwrt.org/docs/guide-user/network/wan/multiwan/mwan3

The required packages seem to be installed  by default:

root@Teltonika-RUTX12:~# opkg list-installed | grep mwan
luci-app-mwan3-tlt - git-20.218.33830-e9084f1
mwan3 - 2.8.12-1

added a rule before the "default_rule" and it seems to work. the "mwan3 restart" doesn't work but changing load balancing to failover and back again from web-gui seems to reload the settings

config rule 'https'
        option sticky '1'
        option dest_port '443'
        option proto 'tcp'
        option use_policy 'balance_default'

by

Thanks but it doesn't seem to have worked in my case - unless sites are throwing me off for a different reason.

How did you test it?

Just to clarify the exact steps I took:

1. Logged in via SSH
2. Edited the mwan config file:

vi /etc/config/mwan3
# Added the following above the "default_rule" block:
config rule 'https'
        option sticky '1'
        option dest_port '443'
        option proto 'tcp'
        option use_policy 'balance_default'

3. In the web GUI, turned Load Balancing off for my two modems, saved, then back on again, saved

Edit: changing rule name from "make_https_sticky" to just "https"; got this working.

by

You can test if the rule got applied. I assume the 'S' means the sticky rule is enabled

# mwan3 rules
Active ipv4 user rules:
20841 1286K S https  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 443
433K   33M - balance_default  all  --  *      *       0.0.0.0/0            0.0.0.0/0            

I think I modified the balance ratios to get the configuration reloaded. Also I added some values from examples I found on the forums. The below is my current rule

config rule 'https'                             
        option sticky '1'                       
        option timeout '300'                    
        option dest_port '443'                  
        option proto 'tcp'                      
        option dest_ip '0.0.0.0/0'              
        option use_policy 'balance_default'      

1 Answer

0 votes
by

Hello, 

For this query of yours I would like you to test this configuration :) 

1. Navigate to Network > Firewall > General Settings 
2. On the lowest part you will see Zones tab.
3. Click Add and create a zone for SIM 1 configuration would be like this:

4. Add another one for SIM 2: 

For clearer images kindly refer to this links: 
SIM 1: https://prnt.sc/10znv20
SIM 2: https://prnt.sc/10znvby

5. Lastly navigate to Network > Firewall > Traffic Rules from this tab you can create traffic rules and you can decide here where to send the request from a certain host to sim 1 or sim 2. You can specify the start time and end time of the rule also :) 

For more information kindly refer to this link: RUTX12 Firewall - Teltonika Networks Wiki (teltonika-networks.com)

I hope it helps. 

Regards,
Mellow
 

by
Hi Mellow

Thank you very much for the instructions. I will definitely use this for sites which frequently have issues with load-balanced connections.

However, it would be even more useful if I could get the sticky sessions option working with the mwan3 package.

Do you have any idea how I could do this?

Do you think this is something that Teltonika could add to the router as an officially supported feature via the GUI?

Thank you.
by
Hello,

For this request of yours it is best to check with your sales account manager for such feature requests.

I hope it helps

Regards,
Mellow
by
I managed to get this working. I saw in the system log an error message from mwan3 about an "invalid rule name".

My rule name was too long; I just had to shorten it.

I changed "make_https_sticky" to "https" and it worked after restarting mwan3. I could see the "S" indicating sticky.

Thanks!