10887 questions

12975 answers

20228 comments

26222 members

0 votes
121 views 7 comments
by

Dear all,

With fw RUT9_R_00.07.01.4 I built a setup with three failover connections in the following order (wan/ eth1, wwan/ wlan0, and mob1s1a1/ wwan0) all using dhcp, with then wan connection being the default. Additionally I have a static ip + dhcp server configured on Lan/ eth0.

The problem I observe is, that even when wan is detected as "Offline" by failover, traffic from the lan network is still routed over the wan interface, resulting in traffic being interrupted and the two failover options wwan and mob1s1a1 not being used.

I did some debugging on this and here is what I can say: I can test the failover functionality manually switching wan interface to "off" in the webinterface. Then failover successfully switches to next available interface, in this case it would be wwan. However if I set a non-reachable track-ip for the wan failover, the failover will recognize the interface as offline, but traffic is still routed over it and the interface still shows as online in the interfaces tab.

Attaching the output of vuci.network.mwan status. I am not sure if it shows conflicting information about the status of interface "wan"? It is both listed as offline and up, and both offline and online counters are increasing...

I am really clueless here on how to proceed. Any suggestions? Happy to provide more details.

Thanks much!
Benjamin


P.S. output of vuci.network.mwan for interface "wan":

{'enabled': True, 'score': 0, 'up': True, 'age': 6, 'turn': 216, 'track_ip': [{'status': 'down', 'latency': 0, 'packetloss': 0, 'ip': '8.8.8.7'}], 'online': 0, 'uptime': 2492, 'running': True, 'downtime': 2365, 'offline': 0, 'status': 'offline', 'lost': 216}

by
I also had this problem with a 2 interface failover config on the same firmware: https://community.teltonika-networks.com/47962/rut240-firmware-rut2_r_00-doesnt-drop-main-route-when-fails with similar logs reporting the main wan had been switched to backup due to ping failure on main wan, but traceroute showed the packets still going over the main wan interface.  It is still on my todo list to test again with previous firmware versions.

1 Answer

0 votes
by
Hello,

I have tried to replicate your scenario by configuring failover in the following order: wan/ eth1, wwan/ wlan0, and mob1s1a1/ wwan0. I also changed the Track IP to 8.8.8.7, however, the switch does happen and traffic is rerouted. Could you provide more details about your testing steps, any additional configurations?

Also, you could connect to the router vis SSH and enter command logread -f, to see in real time what happens, when the main WAN interface does not ping the specified address.

Best regards,

Žygimantas
by

Dear Žygimantas, dear support team,

thanks for looking into this. There are currently no other configurations on the router that I know of, except the wifi interface also serves an access point for clients (while being the wwan backup as a wifi client itself). 

Then, for testing, all I do is to change the track ip of wan to an unreachable destination. Then secondly I perform a traceroute from both the router terminal (via ssh) and from a connected lan client, and both still route via the gateway connected to primary wan.

The logread does not show anything too abnormal, allthough it looks like it directly tries to switch to mob1s1a1 even though wwan0 would also be available. Adding the full log to the original ticket. I am posting the relevant lines here:

Tue May 17 13:38:07 2022 user.info mwan3track[3063]: Check (ping) failed for target "8.8.8.7" on interface wan (eth1)
Tue May 17 13:38:17 2022 user.notice mwan3[3656]: Execute ifup event on interface wwan (wlan0)
Tue May 17 13:38:36 2022 user.notice mwan3[4749]: Execute ifup event on interface mob1s1a1 (wwan0)
Tue May 17 13:38:45 2022 kern.info Switched to backup WAN (mob1s1a1)
Tue May 17 13:38:50 2022 user.notice mwan3[4785]: Execute ifdown event on interface wan (eth1)
Tue May 17 13:39:05 2022 user.info mwan3track[3063]: Detect ifdown event on interface wan (eth1)
Tue May 17 13:39:05 2022 user.info mwan3track[4073]: Check (ping) failed for target "8.8.8.8" on interface wwan (wlan0)
Tue May 17 13:39:15 2022 user.notice mwan3track[3063]: Interface wan (eth1) is offline

Then, when I do a "traceroute 8.8.8.8" both in router terminal and connected client, it will still go through wan.

How can I proceed?

Thanks
Benjamin

by

I have a similar problem, but it will probably work if you have a registered IfUp or IfDown event on the interfaces.

-> I want the event to be driven by ping Lost and Failoverrules also.

Details:

In my case I want Failover to work when I lose Ping8.8.8.8, on eth1 and Switch to mob1s1a1. And revert to eth1 when this is regeistrerad as Online.

Something happens when with the routes, SMTP i lost when running failover to mob1s1a1, and regained when disableling mob1s1a1 and running on eth1.

So I loose DNS-server there fore NTP is also lost.

Regards Pelle

Edit I am on a Private Network and APN. can't use whois.

Test Block 8.8.8.8/1.1.1.1 in the Firewall(Whole network for the different interfaces(Ip-adresses))

1. eth1

2. mob1s1a1

-> Ping will fail in the Trouble Shoot System-log(As expected)

Online Indication Won't work as expected in Failover.. Shows Offline for eth1 all the time. reboot shows both online.

Edit2:

Configuration\Failover

Reliability should be set to no more than the number  IP-adresses that is declared!?

This seems to set the Online Indication to the expected value. 

by

Hello,

To eberhab:

Could you check, what do you get when you access the internet after failover? Specifically, what IP is show when you enter “What is my IP“ in google search, or enter a site like this. Does it show the public IP of your WAN or Mobile interface?

Best regards,

Žygimantas

by
@ZygimantasBliu: I have just checked outside wan ip via your lined website, then triggered failover via unreachable ping target, then checked wan ip again. It remains unchanged on my DSL provider IP, supporting our previous observation from the traceroute test.

Is there any additional information/ logs/ commands on the router I can provide?

Happy to share a tmate/ mumble if you want to have a quick look at the router terminal yourself.
by

To Pelle:

The switch from the secondary failover option back to your main WAN happens automatically, once the interface comes back online.

Regarding your SMTP problem, it might be that your mobile public IP is recognized as insecure or unreliable, therefore, one of the things you could try is to login to your email account while being connected to the internet via your mobile interface to introduce your SIM IP to the mail server.

For DNS, the default DNS should be given by your provider, but you can also enter custom DNS servers in the WebUI, by navigating to Network -> Interfaces, entering your mobile interface editing window, and switching to Advanced settings tab. 

If you fail to receive correct time or do not get updated, access your device via CLI/SSH and try restarting the NTP service by entering this command: 

  • /etc/init.d/ntpclient restart

Best regards,

Žygimantas

  

by

To Žygimantas

Thanks for your help, I'm now checking with all the tips you gave me..

But before the log was full of but "Success"

Wed May 18 09:50:59 2022 user.info mwan3track[17954]: Check (ping) failed for target "8.8.8.7" on interface wan (eth1)

Is it normaly only showing failed in System Log?

* CLI via WEB was a pain.. IP, not DNS-Name worked.

Can I see what is the current active Routing/Interface to "Wan" here?

Sent a email.. it still originated from eth1..

Should I flush Connections?

Edit1:

If I Disable Eth1 then the sent email gets the correct sender IP. mob1s1a1. So failover with only losing 1.1.1.1 as "Event" does not seem to Reroute all the trafic.