Policy-based routing for destination (internet) IP

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
2023-04-10 17:00:02
Model: ER605 (TL-R605)  
Hardware Version: V1
Firmware Version: 1.2.1

I'm attempting to do policy based routing, directing all LAN traffic to/from a website over a specific WAN (WAN/LAN1) port. Basically one WAN has a higher upload rate so I want to use that interface. I'm also using the Omada OC200 controller.

 

I've created an IP Group with the destination IP address (cloudflare), so my setup looks like the following image below. However, traffic is still being routed over my primary WAN ("WAN"). 

 

I've enabled link backup (and that works), but unlike the ER605 interface there isn't a specific "Enable Load Balancing" checkbox on the Omada web interface.

 

Am I missing something? This seems like it should be possible/should work, but it's not. 

 

#1
Re:Policy-based routing for destination (internet) IP
2023-04-10 17:42:57

  @johnmontfx Create a new IP range. After that, create a new IP group. Then associate the IP range with the group. Finally, create the policy.


#2
Re:Policy-based routing for destination (internet) IP
2023-04-10 19:32:02

  @johnmontfx 

 

OC200 v5.7.6

 

 

Software Controller 5.9.31

 

(click the Link Backup enable box to expand the options, shown above)

 

 

 

 

<< Paying it forward, one juicy problem at a time... >>
#3
Re:Policy-based routing for destination (internet) IP
2023-04-10 22:25:00 - last edited 2023-04-10 22:25:37

My post was referring to the user who has two internets, one of which he wants the output of traffic through a specific WAN for CLOUDFLARE. Link Backup disables the secondary WAN and all traffic goes through the primary LAN, the secondary WAN is only populated when the primary WAN link goes down. At least when I enter directly into the equipment, the behavior is like this.

#4
Re:Policy-based routing for destination (internet) IP
2023-04-11 01:58:33 - last edited 2023-04-11 01:59:14

  @d0ugmac1 


So for me, clicking "Link Backup" doesn't add any more options. What options does it add?


The other issue I've found with Link Backup (when it's checked) is that it doesn't seem to switch back to what I want as the primary WAN once it comes back. Selecting "Always Link Primary" will switch it back to the 'primary' link once the link is back online.

 

I wonder if that setting overrides any policy based routing.... 

 

#5
Re:Policy-based routing for destination (internet) IP
2023-04-11 02:25:13
Thanks for the response -- am I unable to apply the policy routing for the IP_ALL group? It seems you say I need to make a group with all the IP addresses in my LAN, correct? Thank you again!
#6
Re:Policy-based routing for destination (internet) IP
2023-04-11 02:26:11

  @Fausto879 


yeah...maybe the link backup is "higher up" and overrides the policy routing. I'll do some testing. Thanks for the suggestion.

#7
Re:Policy-based routing for destination (internet) IP
2023-04-11 02:38:24

  @johnmontfx 

 

Link Backup enables the options in the red box:

 

I don't think you want that option though, at least not as your primary mode.  It seems to me that you want Active/Active on your two WANs, but you want to steer Cloudflare traffic to the fatter pipe, always.  After re-reading the thread it sounds like there is an option in Standalone Mode that allows Load Balancing on top of Link Backup and that the Controller interface doesn't provide that secondary option?  If not, you'll need to put a feature request into the Requests and Suggestion forum here.

<< Paying it forward, one juicy problem at a time... >>
#8
Re:Policy-based routing for destination (internet) IP
2023-04-11 02:40:01

  @johnmontfx 

 

YES!....IP_ALL is like 0.0.0.0.  You definitely want to create a MyPrivateIPs group for your policy.

<< Paying it forward, one juicy problem at a time... >>
#9
Re:Policy-based routing for destination (internet) IP
2023-04-11 02:56:43 - last edited 2023-04-11 02:59:21

  @d0ugmac1 

 

Awesome -- thanks for both replies. I did already have Link Backup selected..sorry. I don't know what I was thinking when I replied.


As far as IP_ALL...thanks so much for that info. Wasn't obvious to me.

 

My overall setup is that I have Starlink and a local wireless provider that provides 30Mbps up/down. Starlink downloads are great but the uploads are faster on the local provider so I want my uploads to go through the secondary provider (I have other sites to add in addition to Cloudflare but wanted to start there).

 

Overall, I want all traffic to come via Starlink and then switch to the local provider if Starlink is down (and switch back if Starlink is up again). That was why I figured link backup was a good way to go.

 

In addition, I just switched over the weekend from the ER605 to the OC-200 Omada UI...so it's taking some time to re-find things....

 

I really appreciate you taking the time to respond...

#10
Re:Policy-based routing for destination (internet) IP
2023-04-11 13:53:20

  @johnmontfx 

 

I think perhaps the simplest way to achieve most of what you want is to create two Policy routes, and an IP_Group for your LAN subnet(s).  Leave the Link Backup as Disabled, but both WAN and WAN1 should be up and running all the time.

 

The Policy Routes should  then be added in order of importance.

 

1.  Source=MySubnets  Destination=CloudflareIPs   WAN=Wireless

2.  Source=MySubnets  Destination=All_PublicIPs    WAN=Starlink

 

When you create the PRs, be sure to tick the 'use other WAN' box, which will provide your 'link' backup for both rules (i.e. if Starlink goes down, all traffic will use Wireless; if Wireless goes down, Cloudflare traffic will go via Starlink).

 

<< Paying it forward, one juicy problem at a time... >>
#11
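
A small Python model of the two ordered policy routes suggested in post #11, added here as an example (it is not from the thread and not TP-Link's firmware logic). First-match evaluation, the group contents, and what happens when a matched rule has no fallback are assumptions of this model; the address ranges are constructed placeholders, not real Cloudflare ranges.

```python
"""Toy model of ordered policy routes with a 'use other WAN' fallback.
Assumptions: rules are evaluated top-down and the first match wins."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed sample groups (private/documentation ranges, placeholders only).
GROUPS = {
    "MySubnets": [ip_network("192.168.0.0/24")],
    "CloudflareIPs": [ip_network("198.51.100.0/24")],
    "All_PublicIPs": [ip_network("0.0.0.0/0")],
}

@dataclass
class PolicyRoute:
    source: str          # name of the source IP group
    destination: str     # name of the destination IP group
    wan: str             # preferred WAN for matching traffic
    use_other_wan: bool  # fall back to another WAN if the preferred one is down

# The two rules from the post, in order of importance.
RULES = [
    PolicyRoute("MySubnets", "CloudflareIPs", "Wireless", True),
    PolicyRoute("MySubnets", "All_PublicIPs", "Starlink", True),
]

def in_group(addr, group):
    """True if addr falls inside any network of the named group."""
    return any(ip_address(addr) in net for net in GROUPS[group])

def select_wan(src, dst, wan_up, rules=RULES):
    """Return the WAN chosen for a flow, or None if no usable rule matches."""
    for rule in rules:
        if not (in_group(src, rule.source) and in_group(dst, rule.destination)):
            continue
        if wan_up.get(rule.wan):
            return rule.wan
        if rule.use_other_wan:
            for name, up in wan_up.items():
                if up and name != rule.wan:
                    return name
        return None  # assumption: a matched rule with no usable WAN ends the search
    return None

def shadowed_order():
    """Same rules reversed: the catch-all now matches first and hides rule 1."""
    return list(reversed(RULES))
```

With the rules reversed, the catch-all destination group matches Cloudflare-bound traffic before the specific rule is reached, which is why the post asks for the rules to be added in order of importance.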