Reply
New Member
Posts: 4
Registered: a week ago

ER8 issues with dual wan load balance

Hi all,

 

Firstly i would like to mention I’m quite new to the edgerouter, i have experience with cisco but only GUI.

 

The issue I’m having is the speed of my dual wan setup. Setup as follows:

 

Model - ER8-pro running v1.10.8

Wan 1 - pppoe 100/40 fibre

Wan 2 - DHCP 100/40 fibre

Configured using load balance wizard

 

Tested in speedtest.net (multi), tested running 1 at a time & 2 on different clients at once.

Load balanced wan speed: 90/35 Mbps

Single wan speed: 90/32 Mbps

 

I have seen many a speed test with a similar setup pushing past the 150 Mbps.

Just for clarification im not trying to bond my connections as my ISP dont support that.

 

 

Below is my config, any help would be greatly appreciated.

Thankyou

 

 

Spoiler

firewall {
all-ping enable
broadcast-ping disable
group {
network-group PRIVATE_NETS {
network 192.168.0.0/16
network 172.16.0.0/12
network 10.0.0.0/8
}
}
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians disable
modify balance {
rule 10 {
action modify
description "do NOT load balance lan to lan"
destination {
group {
network-group PRIVATE_NETS
}
}
modify {
table main
}
}
rule 20 {
action modify
description "do NOT load balance destination public address"
destination {
group {
address-group ADDRv4_pppoe0
}
}
modify {
table main
}
}
rule 30 {
action modify
description "do NOT load balance destination public address"
destination {
group {
address-group ADDRv4_eth1
}
}
modify {
table main
}
}
rule 110 {
action modify
modify {
lb-group G
}
}
}
name WAN_IN {
default-action drop
description "WAN to internal"
rule 10 {
action accept
description "Allow established/related"
state {
established enable
related enable
}
}
rule 20 {
action drop
description "Drop invalid state"
state {
invalid enable
}
}
}
name WAN_LOCAL {
default-action drop
description "WAN to router"
rule 10 {
action accept
description "Allow established/related"
state {
established enable
related enable
}
}
rule 20 {
action drop
description "Drop invalid state"
state {
invalid enable
}
}
}
options {
mss-clamp {
mss 1412
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
ethernet eth0 {
description WAN
duplex auto
pppoe 0 {
default-route auto
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
mtu 1492
name-server auto
password ****************
user-id *******************
}
speed auto
}
ethernet eth1 {
address dhcp
description "WAN 2"
duplex auto
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
speed auto
}
ethernet eth2 {
duplex auto
speed auto
}
ethernet eth3 {
address 192.168.1.1/24
description Local
duplex auto
firewall {
in {
modify balance
}
}
speed auto
}
ethernet eth4 {
duplex auto
speed auto
}
ethernet eth5 {
duplex auto
speed auto
}
ethernet eth6 {
duplex auto
speed auto
}
ethernet eth7 {
duplex auto
speed auto
}
loopback lo {
}
}
load-balance {
}
service {
dhcp-server {
disabled false
hostfile-update disable
shared-network-name LAN {
authoritative enable
subnet 192.168.1.0/24 {
default-router 192.168.1.1
dns-server 192.168.1.1
dns-server 8.8.8.8
domain-name kresina.local
lease 86400
start 192.168.1.50 {
stop 192.168.1.90
}
}
}
static-arp disable
use-dnsmasq disable
}
dns {
forwarding {
cache-size 150
listen-on eth3
}
}
gui {
http-port 80
https-port 443
older-ciphers enable
}
nat {
rule 5000 {
description "masquerade for WAN"
outbound-interface pppoe0
type masquerade
}
rule 5002 {
description "masquerade for WAN 2"
outbound-interface eth1
type masquerade
}
}
ssh {
port 22
protocol-version v2
}
unms {
disable
}
}
system {
conntrack {
expect-table-size 4096
hash-size 4096
table-size 32768
tcp {
half-open-connections 512
loose enable
max-retrans 3
}
}
domain-name kresina.local
host-name er8-proH
login {
user admin {
authentication {
encrypted-password ****************
}
level admin
}
}
ntp {
server 0.ubnt.pool.ntp.org {
}
server 1.ubnt.pool.ntp.org {
}
server 2.ubnt.pool.ntp.org {
}
server 3.ubnt.pool.ntp.org {
}
}
offload {
hwnat disable
ipv4 {
forwarding enable
gre enable
pppoe enable
vlan enable
}
ipv6 {
disable-flow-flushing-upon-fib-changes
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone UTC
}
admin@er8-proH:~$

 

 

 

 

Member
Posts: 736
Registered: ‎09-13-2018
Kudos: 138
Solutions: 48

Re: ER8 issues with dual wan load balance

[ Edited ]

It isn't clear what you were expecting.  If you thought it would increase performance for a single connection, it will not.

 

It is more like a two lane vs one lane highway with the same speed limit.  When traffic is light, it makes no difference whether there is a single lane or two lanes.  But at rush hour, you can easily tell the difference.

New Member
Posts: 4
Registered: a week ago

Re: ER8 issues with dual wan load balance

Hi,

thanks for the reply.
The setup was tested using 2 different clients running multi connection speed tests.
Both combined only reach a limit of 90/35 Mbps. it should be somewhere between 1.5 - 1.9 times that.

i'm looking for a true load balance, where multiple clients can exceed the speed of a single connections.
Member
Posts: 736
Registered: ‎09-13-2018
Kudos: 138
Solutions: 48

Re: ER8 issues with dual wan load balance

[ Edited ]

What EdgeOS calls load balancing is really connection balancing (at least as of 1.10.8)  I am not sure if you make multiple simultaneous connections to the same ip address, if those will be spead across the load balance group or not.  See the sticky section in https://help.ubnt.com/hc/en-us/articles/205145990-EdgeRouter-WAN-Load-Balancing

 

Load Balancing is not packet level balancing like a SD-WAN bonded virtual circuit over VPN solution, like people are asking about in this SD-WAN thread.  As far as I know, Ubiquiti doesn't have any device that does that out of the box.  Whether you could side load something like vtrunkd, I don't know.

New Member
Posts: 4
Registered: a week ago

Re: ER8 issues with dual wan load balance

well I managed to get it to work.

Thanks for the info.

5B0C992F-5252-44C8-9608-3B5F1FC0900D.png

Member
Posts: 736
Registered: ‎09-13-2018
Kudos: 138
Solutions: 48

Re: ER8 issues with dual wan load balance

Great!

 

What did you change?  Others may find that info useful in the future.

New Member
Posts: 4
Registered: a week ago

Re: ER8 issues with dual wan load balance

I followed this guide.

had to do with the static routes & hardware offloading.

it turned out to be quite simple.

 

https://m.youtube.com/watch?v=0MFXFSZAKbs

New Member
Posts: 48
Registered: ‎06-20-2018
Kudos: 6
Solutions: 2

Re: ER8 issues with dual wan load balance

Hi @yosso,

 

Maybe something to do with the following:


1. "set system offload hwnat disable" is from MEDIATEK not CAVIUM enviroment (ERPro-8):

configure
delete system offload hwnat disable
commit
save

 

2. Static route & name-server are missing:

set protocols static interface-route 0.0.0.0/0 next-hop-interface pppoe0
set system name-server 8.8.8.8

 

3. "load-balance" is empty:

delete load-balance

commit

top

edit load-balance group G
set interface eth1
set interface pppoe0
set lb-local enable

 

4. You may also consider increasing the next value:

set firewall options mss-clamp mss 1452

 

BR,

 

-aojeda

Reply