I enabled Balanced mode for WAN Management.
When I disconnect WAN1, Link is not switched to WAN2.
Please can you post the output of the following commands:
- db networks show
- shorewall show -i
Then, search for the event wan-update inside the messages: grep wan-update /var/log/messages.
1 Like
I have been studying shorewall, http://shorewall.net
and I have made some changes in my lsm.conf located in /etc/lsm/lsm.conf
No changes
# ================= DO NOT MODIFY THIS FILE =================
#
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at https://dev.nethesis.it/projects/nethserver/wiki/NethServer
# original work from http://www.contribs.org/development/
#
# Copyright (C) 2013 Nethesis S.r.l.
# http://www.nethesis.it - support@nethesis.it
#
#
# Debug level: 0 .. 8 are normal, 9 gives lots of stuff and 100 doesn't
# bother to detach
#
#debug=10
#debug=9
debug=8
#
# Defaults for the connection entries
#
defaults {
name=defaults
checkip=127.0.0.1
eventscript=/usr/libexec/nethserver/lsm-wan-link-update
notifyscript=
max_packet_loss=9
max_successive_pkts_lost=6
min_packet_loss=8
min_successive_pkts_rcvd=3
interval_ms=5000
timeout_ms=2000
warn_email=root
check_arp=0
sourceip=
# if using ping probes for monitoring only then defaults should
# not define a default device for packets to autodiscover their path
# to destination
# device=eth0
# use system default ttl
ttl=0
# assume initial up state at lsm startup (1 = up, 0 = down, 2 = unknown (default))
# status=1
}
#
# 20providers
#
connection {
name=aba11
checkip=8.8.8.8
device=eth1
}
group {
name=aba1
logic=0
member-connection=aba11
}
connection {
name=aba21
checkip=8.8.8.8
device=eth2
}
group {
name=aba2
logic=0
member-connection=aba21
}
connection {
name=aba31
checkip=8.8.8.8
device=eth3
}
group {
name=aba3
logic=0
member-connection=aba31
}
With changes
# ================= DO NOT MODIFY THIS FILE =================
#
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at https://dev.nethesis.it/projects/nethserver/wiki/NethServer
# original work from http://www.contribs.org/development/
#
# Copyright (C) 2013 Nethesis S.r.l.
# http://www.nethesis.it - support@nethesis.it
#
#
# Debug level: 0 .. 8 are normal, 9 gives lots of stuff and 100 doesn't
# bother to detach
#
#debug=10
#debug=9
debug=8
#
# Defaults for the connection entries
#
defaults {
name=defaults
checkip=127.0.0.1
eventscript=/usr/libexec/nethserver/lsm-wan-link-update
notifyscript=
max_packet_loss=9
max_successive_pkts_lost=6
min_packet_loss=8
min_successive_pkts_rcvd=3
interval_ms=100
timeout_ms=100
warn_email=root
check_arp=0
sourceip=
# if using ping probes for monitoring only then defaults should
# not define a default device for packets to autodiscover their path
# to destination
device=eth0
# use system default ttl
ttl=0
# assume initial up state at lsm startup (1 = up, 0 = down, 2 = unknown (default))
status=1
}
#
# 20providers
#
connection {
name=aba11
checkip=8.8.8.8
device=eth1
}
group {
name=aba1
logic=0
member-connection=aba11
}
connection {
name=aba21
checkip=8.8.8.8
device=eth2
}
group {
name=aba2
logic=0
member-connection=aba21
}
connection {
name=aba31
checkip=8.8.8.8
device=eth3
}
group {
name=aba3
logic=0
member-connection=aba31
}
I changed the values of:
interval_ms=100
timeout_ms=100
And
# if using ping probes for monitoring only then defaults should
# not define a default device for packets to autodiscover their path
# to destination
before: #device=eth0
after: device=eth0
Turn off my ISPs, and I went back to activate. and the short time to go down the ISP will be activated
Try it and tell us how it went.
regards @bsprakash @giacomo
2 Likes
iāve allready done diff , but your were the first who post it 
Check now /etc/e-smith/templates/etc/lsm/lsm.conf 10base and make changes to database file
1 Like
This should really be noted as a bug and the change be implemented into NethServer. Iāve been doing some testing today with WAN failover and it was taking so long to fail over and fail back that it was pretty much useless. After changing interval_ms and timeout_ms to 100, it took a reasonable amount of time to fail over and fail back (10-15 seconds).
Edit: The more testing I do, the more I think the options for probing/check ip should be custom configurable. In my experience with enterprise hardware, thereās usually two options for failover:
- how often to ping
- how many failed pings before failover
ā¦and two options for failback:
- how often to ping
- how many successful pings before failback
Being able to customize those settings under āadvancedā options for multi wan would be absolutely amazing!
2 Likes
I think that we need to completely revise the multi wan failover behaviour, based on experience with customers and an old implementation I did years ago.
Iād like to receive your opinions.
I see two different options for line failure:
-
near distance
-
long distance
-
is about pinging your gateway or a close system, just to understand if the line is up
-
is pinging letās say 8.8.8.8 and 8.8.4.4 to understand if your ISP has routing problems
-
can use high frequency ping (every few ms) and be reactive
-
needs to send only a few packets per minute, to more than one host to be sure the net is working
Current implementation is following shorewall multi isp guidelines (http://shorewall.net/MultiISP.html).
Iām biased towards 2, because if an adsl line is up but you canāt reach websites because the isp has problems, you feel that the system is not working. But we could find a solution to both scenarios, maybe offering some advanced options like @Adam is suggesting.
In the past, I hacked a daemon to send ādns pingā to some (at least 5) dns servers geographically distant. If at least one answered I assumed the line was up.
Also, I think we need to find a way to get rid of the static route to the check ip, to avoid having to use a different ip for every link.
Iām going to read again shorewall manual next week to see if I can find a way to obtain this.
If someone has ideas, please share here. Thanks.
3 Likes
Iāve seen some ISPs have failures where their gateway and dns servers are available, but they are not able to route traffic to the internet. So I would prefer option 2 as a more reliable option.
Edit: Can I ālikeā the above post twice?? So much thought and care is put into @filippo_carlettiās posts! Iām sure as much of both is put into his code!
1 Like
Thanks for sharing your helpful insights! Guess that people like @jgjimenezs @mabeleira @AZChas @nas @JOduMonT are interested
What do you mean @filippo_carletti?
In order for normal verify connection we need at least 15 ping probes, and ping somth like Google or OpenDNS servers.
And we shoud have different ping interval for different connections , somth like 1 ISP every 60sec 2ISP every 70 sec , for preventing situation that if two ping starts at the same time one or few packets could lost.
For increase of LSM reaction QA should test specific attributes that control the decision process and time-to-decide :
āmax_packet_loss, max_successive_pkts_lost, min_packet_loss, min_successive_pkts_rcvd, interval_ms, timeout_msā.
And our NS script should do ip ro flush cache on every LSM event , but maybe when shorewall reenable interface they clean route cache.
1 Like
I used the IP 4.2.2.2 for probing for WAN1. I started a continuous ping of that IP from a client behind NS during testing. When WAN1 was disconnected, even though that IP was accessible through WAN2, the ping requests were still timing out. So I assume a static route was created where communication to that IP goes through WAN1, which is what heās referring to.
1 Like
Try it ! You donot reed my post 
LOL, youāre right, I donāt āreedā your posts, but they are admittedly difficult to read sometimes. 
I tried clearing the route cache after a failover, as you suggested. Pings still continued to fail.
1 Like
https://sourceforge.net/p/shorewall/mailman/message/32304012/
AFAIK, shorewall takes care of route cache flush.
2 Likes
I donāt think changing interval_ms and timeout_ms to 100 is a good solution. I looked in shorewall logs and found this:
Sep 27 22:07:27 Provider fiber (1) stopped
Sep 27 22:08:23 Provider cable (2) stopped
Sep 27 22:08:24 Provider cable (2) Started
Sep 27 22:12:23 Provider cable (2) stopped
Sep 27 22:12:33 Provider cable (2) Started
Sep 27 22:13:51 Provider cable (2) stopped
Sep 27 22:13:52 Provider cable (2) Started
Sep 27 22:14:03 Provider cable (2) stopped
Sep 27 22:14:04 Provider cable (2) Started
Sep 27 22:14:55 Provider fiber (1) Started
Sep 27 22:15:41 Provider cable (2) stopped
Sep 27 22:15:51 Provider cable (2) Started
Sep 27 22:20:18 Provider cable (2) stopped
Sep 27 22:20:20 Provider cable (2) Started
Sep 27 22:20:22 Provider cable (2) stopped
Sep 27 22:20:29 Provider cable (2) Started
Sep 27 22:22:58 Provider cable (2) stopped
Sep 27 22:22:59 Provider cable (2) Started
Sep 27 22:24:24 Provider cable (2) stopped
Sep 27 22:24:34 Provider cable (2) Started
Sep 27 22:25:42 Provider cable (2) stopped
Sep 27 22:25:43 Provider cable (2) Started
Sep 27 22:25:52 Provider cable (2) stopped
Sep 27 22:25:53 Provider cable (2) Started
Sep 27 22:33:06 Provider cable (2) stopped
Sep 27 22:33:07 Provider cable (2) Started
Sep 27 22:33:15 Provider cable (2) stopped
Sep 27 22:33:18 Provider cable (2) Started
Sep 27 22:45:36 Provider cable (2) stopped
Sep 27 22:45:37 Provider cable (2) Started
Sep 27 22:50:29 Provider cable (2) stopped
Sep 27 22:50:30 Provider cable (2) Started
Sep 27 22:50:36 Provider cable (2) stopped
Sep 27 22:50:59 Provider cable (2) Started
Sep 27 22:51:01 Provider cable (2) stopped
Sep 27 22:51:02 Provider cable (2) Started
Sep 27 22:51:12 Provider fiber (1) stopped
Sep 27 22:51:25 Provider fiber (1) Started
Sep 27 22:51:49 Provider cable (2) stopped
Sep 27 22:51:50 Provider cable (2) Started
Sep 27 22:51:53 Provider cable (2) stopped
Sep 27 22:51:59 Provider cable (2) Started
Sep 27 22:58:54 Provider cable (2) stopped
Sep 27 22:58:55 Provider cable (2) Started
Sep 27 23:01:37 Provider cable (2) stopped
Sep 27 23:01:38 Provider cable (2) Started
Sep 27 23:23:23 Provider cable (2) stopped
Sep 27 23:23:40 Provider cable (2) Started
Sep 27 23:25:36 Provider cable (2) stopped
Sep 27 23:26:14 Provider cable (2) Started
Sep 27 23:38:54 Provider cable (2) stopped
Sep 27 23:39:11 Provider cable (2) Started
Sep 27 23:57:41 Provider cable (2) stopped
Sep 27 23:57:42 Provider cable (2) Started
Sep 27 23:59:01 Provider cable (2) stopped
Sep 27 23:59:03 Provider cable (2) Started
Sep 28 00:00:02 Provider cable (2) stopped
Sep 28 00:00:03 Provider cable (2) Started
Sep 28 00:06:42 Provider cable (2) stopped
Sep 28 00:06:53 Provider cable (2) Started
Sep 28 00:16:57 Provider cable (2) stopped
Sep 28 00:16:58 Provider cable (2) Started
Sep 28 00:17:51 Provider cable (2) stopped
Sep 28 00:18:00 Provider cable (2) Started
Sep 28 00:18:26 Provider cable (2) stopped
Sep 28 00:18:27 Provider cable (2) Started
Sep 28 00:21:06 Provider cable (2) stopped
Sep 28 00:21:17 Provider cable (2) Started
Sep 28 00:23:41 Provider cable (2) stopped
Sep 28 00:23:50 Provider cable (2) Started
Sep 28 00:24:37 Provider cable (2) stopped
Sep 28 00:24:39 Provider cable (2) Started
Sep 28 00:30:15 Provider cable (2) stopped
Sep 28 00:30:25 Provider cable (2) Started
Sep 28 00:30:45 Provider cable (2) stopped
Sep 28 00:30:46 Provider cable (2) Started
Sep 28 00:30:49 Provider cable (2) stopped
Sep 28 00:30:56 Provider cable (2) Started
Sep 28 00:36:00 Provider cable (2) stopped
Sep 28 00:36:06 Provider cable (2) Started
Sep 28 00:36:10 Provider cable (2) stopped
Sep 28 00:36:11 Provider cable (2) Started
Sep 28 00:37:32 Provider cable (2) stopped
Sep 28 00:37:33 Provider cable (2) Started
Sep 28 00:46:09 Provider cable (2) stopped
Sep 28 00:46:19 Provider cable (2) Started
Sep 28 00:52:59 Provider cable (2) stopped
Sep 28 00:53:10 Provider cable (2) Started
Sep 28 01:02:34 Provider cable (2) stopped
Sep 28 01:02:58 Provider cable (2) Started
Sep 28 01:03:22 Provider cable (2) stopped
Sep 28 01:03:23 Provider cable (2) Started
Sep 28 01:04:50 Provider cable (2) stopped
Sep 28 01:05:09 Provider cable (2) Started
Sep 28 01:14:36 Provider cable (2) stopped
Sep 28 01:14:47 Provider cable (2) Started
Sep 28 01:18:01 Provider cable (2) stopped
Sep 28 01:18:20 Provider cable (2) Started
Sep 28 01:18:26 Provider cable (2) stopped
Sep 28 01:18:40 Provider cable (2) Started
Sep 28 01:28:40 Provider cable (2) stopped
Sep 28 01:28:41 Provider cable (2) Started
Sep 28 01:36:46 Provider cable (2) stopped
Sep 28 01:36:47 Provider cable (2) Started
Sep 28 02:42:48 Provider cable (2) stopped
Sep 28 02:43:08 Provider cable (2) Started
Sep 28 02:45:10 Provider cable (2) stopped
Sep 28 02:45:23 Provider cable (2) Started
Sep 28 02:51:19 Provider cable (2) stopped
Sep 28 02:51:29 Provider cable (2) Started
Sep 28 02:53:28 Provider cable (2) stopped
Sep 28 02:53:29 Provider cable (2) Started
Sep 28 02:53:30 Provider cable (2) stopped
Sep 28 02:53:41 Provider cable (2) Started
Sep 28 03:03:53 Provider cable (2) stopped
Sep 28 03:04:04 Provider cable (2) Started
Sep 28 03:18:56 Provider cable (2) stopped
Sep 28 03:19:47 Provider cable (2) Started
Sep 28 03:35:39 Provider fiber (1) stopped
Sep 28 03:35:52 Provider fiber (1) Started
Sep 28 04:33:50 Provider cable (2) stopped
Sep 28 04:34:10 Provider cable (2) Started
Sep 28 04:48:50 Provider cable (2) stopped
Sep 28 04:49:10 Provider cable (2) Started
Sep 28 05:04:41 Provider cable (2) stopped
Sep 28 05:04:52 Provider cable (2) Started
Sep 28 05:05:14 Provider cable (2) stopped
Sep 28 05:05:27 Provider cable (2) Started
Sep 28 05:06:26 Provider cable (2) stopped
Sep 28 05:06:37 Provider cable (2) Started
Sep 28 05:07:04 Provider cable (2) stopped
Sep 28 05:07:16 Provider cable (2) Started
Sep 28 05:07:25 Provider cable (2) stopped
Sep 28 05:07:43 Provider cable (2) Started
Sep 28 05:08:20 Provider cable (2) stopped
Sep 28 05:08:31 Provider cable (2) Started
Sep 28 05:13:11 Provider fiber (1) stopped
Sep 28 05:13:23 Provider fiber (1) Started
Sep 28 05:53:23 Provider cable (2) stopped
Sep 28 05:53:28 Provider cable (2) Started
Sep 28 05:53:37 Provider cable (2) stopped
Sep 28 05:53:52 Provider cable (2) Started
Sep 28 05:53:58 Provider cable (2) stopped
Sep 28 06:00:13 Provider cable (2) Started
Sep 28 06:00:14 Provider cable (2) stopped
Sep 28 06:00:15 Provider cable (2) Started
Sep 28 06:00:16 Provider cable (2) stopped
Sep 28 06:04:11 Provider cable (2) Started
Sep 28 06:05:44 Provider cable (2) stopped
Sep 28 06:06:44 Provider cable (2) Started
Sep 28 06:09:57 Provider cable (2) stopped
Sep 28 06:10:09 Provider cable (2) Started
Sep 28 06:10:24 Provider cable (2) stopped
Sep 28 06:11:34 Provider cable (2) Started
Sep 28 06:13:04 Provider cable (2) stopped
Sep 28 06:13:36 Provider cable (2) Started
Sep 28 06:14:10 Provider cable (2) stopped
Sep 28 06:16:25 Provider cable (2) Started
Sep 28 06:25:54 Provider cable (2) stopped
Sep 28 06:26:34 Provider cable (2) Started
Sep 28 06:26:46 Provider cable (2) stopped
Sep 28 06:27:06 Provider cable (2) Started
Sep 28 07:28:38 Provider cable (2) stopped
Sep 28 07:59:35 Provider cable (2) Started
Sep 28 07:59:37 Provider cable (2) stopped
Sep 28 07:59:40 Provider cable (2) Started
Sep 28 07:59:41 Provider cable (2) stopped
Sep 28 08:00:10 Provider cable (2) Started
Sep 28 08:00:22 Provider cable (2) stopped
Sep 28 08:01:52 Provider cable (2) Started
Sep 28 08:02:00 Provider cable (2) stopped
Sep 28 08:04:18 Provider cable (2) Started
Sep 28 08:04:19 Provider cable (2) stopped
Sep 28 08:04:20 Provider cable (2) Started
Sep 28 08:04:21 Provider cable (2) stopped
Sep 28 08:04:23 Provider cable (2) Started
Sep 28 08:04:26 Provider cable (2) stopped
Sep 28 08:04:30 Provider cable (2) Started
Sep 28 08:04:31 Provider cable (2) stopped
Sep 28 08:04:32 Provider cable (2) Started
Sep 28 08:04:34 Provider cable (2) stopped
Sep 28 08:05:38 Provider cable (2) Started
Sep 28 08:05:41 Provider cable (2) stopped
Sep 28 08:08:29 Provider cable (2) Started
Sep 28 08:10:21 Provider cable (2) stopped
Sep 28 08:10:54 Provider cable (2) Started
Sep 28 08:11:28 Provider cable (2) stopped
Sep 28 08:12:17 Provider cable (2) Started
Sep 28 08:12:24 Provider cable (2) stopped
Sep 28 08:14:55 Provider cable (2) Started
Sep 28 08:15:41 Provider cable (2) stopped
Sep 28 08:21:19 Provider cable (2) Started
Sep 28 08:21:29 Provider cable (2) stopped
Sep 28 08:22:44 Provider cable (2) Started
Sep 28 08:50:55 Provider cable (2) stopped
Sep 28 08:50:56 Provider cable (2) Started
Sep 28 09:53:16 Provider cable (2) stopped
Sep 28 09:53:34 Provider cable (2) Started
Sep 28 11:12:57 Provider cable (2) stopped
Sep 28 11:13:17 Provider cable (2) Started
Sep 28 11:13:28 Provider cable (2) stopped
Sep 28 11:13:41 Provider cable (2) Started
Sep 28 11:13:49 Provider cable (2) stopped
Sep 28 11:14:08 Provider cable (2) Started
Sep 28 11:27:00 Provider cable (2) stopped
Sep 28 11:27:13 Provider cable (2) Started
Sep 28 11:29:08 Provider cable (2) stopped
Sep 28 11:29:50 Provider cable (2) Started
Sep 28 11:42:14 Provider cable (2) stopped
Sep 28 11:42:25 Provider cable (2) Started
Sep 28 11:43:57 Provider cable (2) stopped
Sep 28 11:44:20 Provider cable (2) Started
Sep 28 11:44:25 Provider cable (2) stopped
Sep 28 11:44:55 Provider cable (2) Started
Sep 28 12:06:02 Provider cable (2) stopped
Sep 28 12:06:37 Provider cable (2) Started
Sep 28 12:06:41 Provider cable (2) stopped
Sep 28 12:06:42 Provider cable (2) Started
Sep 28 12:27:32 Provider cable (2) stopped
Sep 28 12:27:43 Provider cable (2) Started
Sep 28 12:28:29 Provider cable (2) stopped
Sep 28 12:28:44 Provider cable (2) Started
Sep 28 12:28:56 Provider cable (2) stopped
Sep 28 12:29:20 Provider cable (2) Started
Sep 28 12:29:23 Provider cable (2) stopped
Sep 28 12:29:44 Provider cable (2) Started
Sep 28 12:30:06 Provider cable (2) stopped
Sep 28 12:30:19 Provider cable (2) Started
Sep 28 12:33:57 Provider cable (2) stopped
Sep 28 12:34:15 Provider cable (2) Started
Sep 28 12:35:07 Provider cable (2) stopped
Sep 28 12:35:20 Provider cable (2) Started
Sep 28 12:35:36 Provider cable (2) stopped
Sep 28 12:35:50 Provider cable (2) Started
Sep 28 12:35:57 Provider cable (2) stopped
Sep 28 12:36:20 Provider cable (2) Started
Sep 28 12:48:31 Provider cable (2) stopped
Sep 28 12:49:18 Provider cable (2) Started
Sep 28 12:50:53 Provider fiber (1) stopped
Sep 28 12:51:15 Provider cable (2) stopped
Sep 28 12:51:26 Provider cable (2) Started
Sep 28 12:51:38 Provider cable (2) stopped
Sep 28 12:51:50 Provider cable (2) Started
Sep 28 12:52:47 Provider fiber (1) Started
Sep 28 13:16:36 Provider cable (2) stopped
Sep 28 13:16:48 Provider cable (2) Started
Sep 28 13:20:15 Provider fiber (1) stopped
Sep 28 13:20:29 Provider fiber (1) Started
Sep 28 13:23:34 Provider cable (2) stopped
Sep 28 13:25:55 Provider cable (2) Started
Sep 28 13:44:53 Provider cable (2) stopped
Sep 28 13:45:56 Provider cable (2) Started
Sep 28 13:48:00 Provider cable (2) stopped
Sep 28 13:48:12 Provider cable (2) Started
Sep 28 13:48:30 Provider cable (2) stopped
Sep 28 13:48:41 Provider cable (2) Started
Sep 28 13:58:43 Provider cable (2) stopped
Sep 28 13:58:54 Provider cable (2) Started
Sep 28 14:02:04 Provider cable (2) stopped
Sep 28 14:02:18 Provider cable (2) Started
Sep 28 14:15:07 Provider cable (2) stopped
Sep 28 14:15:19 Provider cable (2) Started
Sep 28 14:20:13 Provider fiber (1) stopped
Sep 28 14:20:26 Provider fiber (1) Started
Sep 28 14:24:02 Provider cable (2) stopped
Sep 28 14:24:20 Provider cable (2) Started
Sep 28 14:25:45 Provider cable (2) stopped
Sep 28 14:25:46 Provider cable (2) Started
Sep 28 14:40:44 Provider cable (2) stopped
Sep 28 14:41:22 Provider cable (2) Started
Sep 28 14:41:25 Provider cable (2) stopped
Sep 28 14:41:37 Provider cable (2) Started
Sep 28 14:41:41 Provider cable (2) stopped
Sep 28 14:41:53 Provider cable (2) Started
Sep 28 14:49:41 Provider cable (2) stopped
Sep 28 14:49:53 Provider cable (2) Started
Sep 28 14:50:08 Provider cable (2) stopped
Sep 28 14:50:22 Provider cable (2) Started
Sep 28 14:50:36 Provider cable (2) stopped
Sep 28 14:50:53 Provider cable (2) Started
Sep 28 15:08:59 Provider cable (2) stopped
Sep 28 15:09:14 Provider cable (2) Started
Sep 28 15:17:07 Provider cable (2) stopped
Sep 28 15:17:20 Provider cable (2) Started
Sep 28 15:19:02 Provider cable (2) stopped
Sep 28 15:19:16 Provider cable (2) Started
Sep 28 15:23:41 Provider cable (2) stopped
Sep 28 15:23:42 Provider cable (2) Started
Sep 28 15:24:39 Provider fiber (1) stopped
Sep 28 15:24:53 Provider fiber (1) Started
Sep 28 15:26:08 Provider cable (2) stopped
Sep 28 15:26:22 Provider cable (2) Started
Sep 28 15:27:59 Provider cable (2) stopped
Sep 28 15:28:31 Provider cable (2) Started
Sep 28 15:39:02 Provider cable (2) stopped
Sep 28 15:39:18 Provider cable (2) Started
Sep 28 15:53:28 Provider cable (2) stopped
Sep 28 15:53:43 Provider cable (2) Started
Sep 28 15:53:51 Provider cable (2) stopped
Sep 28 15:54:04 Provider cable (2) Started
Sep 28 15:54:07 Provider cable (2) stopped
Sep 28 15:54:19 Provider cable (2) Started
Sep 28 15:54:32 Provider cable (2) stopped
Sep 28 15:54:49 Provider cable (2) Started
Sep 28 16:02:21 Provider cable (2) stopped
Sep 28 16:02:34 Provider cable (2) Started
Sep 28 16:03:58 Provider cable (2) stopped
Sep 28 16:04:25 Provider cable (2) Started
Sep 28 16:13:08 Provider cable (2) stopped
Sep 28 16:13:40 Provider cable (2) Started
Sep 28 16:13:41 Provider cable (2) stopped
Sep 28 16:13:43 Provider cable (2) Started
Sep 28 16:13:44 Provider cable (2) stopped
Sep 28 16:14:24 Provider cable (2) Started
Sep 28 16:15:48 Provider cable (2) stopped
Sep 28 16:16:02 Provider cable (2) Started
Sep 28 16:16:06 Provider cable (2) stopped
Sep 28 16:16:42 Provider cable (2) Started
Sep 28 16:18:01 Provider cable (2) stopped
Sep 28 16:19:18 Provider cable (2) Started
Sep 28 16:19:44 Provider cable (2) stopped
Sep 28 16:20:26 Provider cable (2) Started
Sep 28 16:21:01 Provider cable (2) stopped
Sep 28 16:21:27 Provider cable (2) Started
Sep 28 16:22:10 Provider cable (2) stopped
Sep 28 16:23:48 Provider cable (2) Started
Sep 28 16:24:06 Provider cable (2) stopped
Sep 28 16:26:06 Provider cable (2) Started
Sep 28 16:26:18 Provider cable (2) stopped
Sep 28 16:26:30 Provider cable (2) Started
Sep 28 16:26:43 Provider cable (2) stopped
Sep 28 16:26:52 Provider cable (2) Started
Sep 28 16:26:59 Provider cable (2) stopped
Sep 28 16:28:15 Provider cable (2) Started
Sep 28 16:28:16 Provider cable (2) stopped
Sep 28 16:29:51 Provider cable (2) Started
Sep 28 16:37:20 Provider fiber (1) stopped
Sep 28 16:37:34 Provider fiber (1) Started
Sep 28 17:06:38 Provider fiber (1) stopped
Sep 28 17:06:49 Provider fiber (1) Started
Sep 28 17:16:40 Provider cable (2) stopped
Sep 28 17:16:52 Provider cable (2) Started
Sep 28 17:18:40 Provider cable (2) stopped
Sep 28 17:18:57 Provider cable (2) Started
Sep 28 17:32:17 Provider cable (2) stopped
Sep 28 17:32:28 Provider cable (2) Started
Sep 28 17:51:46 Provider cable (2) stopped
Sep 28 17:52:10 Provider cable (2) Started
Sep 28 18:12:51 Provider fiber (1) stopped
Sep 28 18:13:04 Provider fiber (1) Started
Sep 28 18:15:42 Provider cable (2) stopped
Sep 28 18:15:52 Provider cable (2) Started
Sep 28 18:16:14 Provider cable (2) stopped
Sep 28 18:16:28 Provider cable (2) Started
Sep 28 19:01:15 Provider cable (2) stopped
Sep 28 19:01:27 Provider cable (2) Started
Sep 28 19:09:46 Provider cable (2) stopped
Sep 28 19:09:57 Provider cable (2) Started
Sep 28 19:10:05 Provider fiber (1) stopped
Sep 28 19:10:18 Provider fiber (1) Started
Sep 28 19:22:16 Provider cable (2) stopped
Sep 28 19:22:30 Provider cable (2) Started
Sep 28 19:26:13 Provider cable (2) stopped
Sep 28 19:26:25 Provider cable (2) Started
Sep 28 19:26:37 Provider cable (2) stopped
Sep 28 19:26:49 Provider cable (2) Started
Sep 28 19:27:37 Provider cable (2) stopped
Sep 28 19:27:49 Provider cable (2) Started
Sep 28 19:28:28 Provider cable (2) stopped
Sep 28 19:29:39 Provider cable (2) Started
Sep 28 19:29:42 Provider cable (2) stopped
Sep 28 19:30:00 Provider cable (2) Started
Sep 28 19:53:20 Provider fiber (1) stopped
Sep 28 19:53:34 Provider fiber (1) Started
Sep 28 20:07:35 Provider cable (2) stopped
Sep 28 20:07:48 Provider cable (2) Started
Sep 28 20:51:00 Provider cable (2) stopped
Sep 28 20:51:01 Provider cable (2) Started
Sep 28 20:54:25 Provider cable (2) stopped
Sep 28 20:54:37 Provider cable (2) Started
Sep 28 21:03:24 Provider fiber (1) stopped
Sep 28 21:03:36 Provider fiber (1) Started
Sep 28 21:08:18 Provider cable (2) stopped
Sep 28 21:08:30 Provider cable (2) Started
Sep 28 21:26:19 Provider cable (2) stopped
Sep 28 21:26:30 Provider cable (2) Started
Sep 28 21:26:36 Provider cable (2) stopped
Sep 28 21:26:56 Provider cable (2) Started
Sep 28 21:27:04 Provider cable (2) stopped
Sep 28 21:27:26 Provider cable (2) Started
Sep 28 21:27:34 Provider cable (2) stopped
Sep 28 21:28:05 Provider cable (2) Started
Sep 28 21:28:07 Provider cable (2) stopped
Sep 28 21:28:51 Provider cable (2) Started
Sep 28 21:37:11 Provider cable (2) stopped
Sep 28 21:37:23 Provider cable (2) Started
Sep 28 21:42:50 Provider cable (2) stopped
Sep 28 21:42:51 Provider cable (2) Started
Sep 28 21:52:19 Provider cable (2) stopped
Sep 28 21:52:30 Provider cable (2) Started
Sep 28 22:22:13 Provider cable (2) stopped
Sep 28 22:22:19 Provider cable (2) Started
Sep 28 22:22:36 Provider cable (2) stopped
Sep 28 22:22:47 Provider cable (2) Started
Sep 28 22:30:17 Provider cable (2) stopped
Sep 28 22:30:18 Provider cable (2) Started
Sep 28 22:31:19 Provider fiber (1) stopped
Sep 28 22:31:33 Provider fiber (1) Started
Sep 28 22:31:38 Provider cable (2) stopped
Sep 28 22:31:52 Provider cable (2) Started
Sep 28 22:47:05 Provider cable (2) stopped
Sep 28 22:47:28 Provider cable (2) Started
Sep 28 22:49:13 Provider cable (2) stopped
Sep 28 22:49:14 Provider cable (2) Started
Sep 28 23:06:41 Provider cable (2) stopped
Sep 28 23:06:42 Provider cable (2) Started
Sep 28 23:06:50 Provider cable (2) stopped
Sep 28 23:06:52 Provider cable (2) Started
Sep 28 23:39:55 Provider cable (2) stopped
Sep 28 23:39:55 Provider cable (2) Started
Sep 28 23:42:04 Provider cable (2) stopped
Sep 28 23:42:14 Provider cable (2) Started
Sep 29 00:11:07 Provider cable (2) stopped
Sep 29 00:11:21 Provider cable (2) Started
Sep 29 00:13:47 Provider cable (2) stopped
Sep 29 00:14:02 Provider cable (2) Started
Sep 29 00:16:45 Provider cable (2) stopped
Sep 29 00:17:07 Provider cable (2) Started
Sep 29 00:26:37 Provider cable (2) stopped
Sep 29 00:26:58 Provider cable (2) Started
Sep 29 00:33:13 Provider cable (2) stopped
Sep 29 00:33:14 Provider cable (2) Started
Sep 29 00:45:24 Provider cable (2) stopped
Sep 29 00:45:34 Provider cable (2) Started
Sep 29 01:57:14 Provider cable (2) stopped
Sep 29 01:57:32 Provider cable (2) Started
Sep 29 02:19:01 Provider cable (2) stopped
Sep 29 02:20:02 Provider cable (2) Started
Sep 29 02:33:22 Provider cable (2) stopped
Sep 29 02:33:27 Provider cable (2) Started
Sep 29 02:35:27 Provider cable (2) stopped
Sep 29 02:35:28 Provider cable (2) Started
Sep 29 02:42:05 Provider cable (2) stopped
Sep 29 02:42:07 Provider cable (2) Started
Sep 29 02:46:36 Provider cable (2) stopped
Sep 29 02:46:38 Provider cable (2) Started
Sep 29 02:53:04 Provider fiber (1) stopped
Sep 29 02:53:07 Provider fiber (1) Started
Sep 29 02:59:06 Provider cable (2) stopped
Sep 29 02:59:07 Provider cable (2) Started
Sep 29 02:59:10 Provider cable (2) stopped
Sep 29 02:59:11 Provider cable (2) Started
Sep 29 03:07:18 Provider fiber (1) stopped
Sep 29 03:07:19 Provider fiber (1) Started
Sep 29 03:08:11 Provider fiber (1) stopped
Sep 29 03:08:15 Provider fiber (1) Started
Sep 29 03:10:00 Provider cable (2) stopped
Sep 29 03:10:01 Provider fiber (1) stopped
Sep 29 03:10:14 Provider cable (2) Started
Sep 29 03:10:14 Provider fiber (1) Started
Sep 29 03:10:29 Provider fiber (1) stopped
Sep 29 03:10:31 Provider fiber (1) Started
Sep 29 03:11:50 Provider fiber (1) stopped
Sep 29 03:11:53 Provider fiber (1) Started
Sep 29 03:16:40 Provider cable (2) stopped
Sep 29 03:16:41 Provider fiber (1) stopped
Sep 29 03:16:43 Provider cable (2) Started
I just changed them to:
interval_ms=500
timeout_ms=200
Iāll report back once I know how well that setup works.
1 Like
@Adam could you please provide me access to PC behind NS for testing LSM + Shorewall
Hey @Nas sorry I missed this. Iām sure we can do thatā¦ but you know you can setup a similar test infrastructure with virtualization and a couple virtual switches, right? Iām just going into esxi and disconnecting a switch to simulate a WAN outage for testing.
Update for anyone interested:
I still had issues with the settings I posted last. 1/10 of the original settings was too much. I was getting more āfalse failoversāā¦so I went to 1/4 of the original settings:
interval_ms=1250
timeout_ms=500
24 hours later and no false failovers logged. Failover takes 20-30 seconds and failback takes 1-2 minutes. Very reasonable in my opinion. Much better than waiting a couple minutes for failover with the original settings and then what felt like forever to failback.
1 Like
how about routing? all is good?
The static routes still exist, but thatās just for the specified probe IPs. Use something thatās not necessary and you should be fine. For instance, I wouldnāt recommend using 8.8.8.8ā¦ especially if NS is still using default settings to use it for DNS. Iād use 8.8.4.4 instead, and another reliable but unnecessary IP for the other WAN interface.
2 Likes
I probably missing something into the discussion but how did you define the weight ?
Example
Given two configured providers:
Provider1: network interface eth1, weight 100
Provider2: network interface eth0, weight 50
http://docs.nethserver.org/en/latest/firewall.html?highlight=wan