Policy routing and WAN detection and Load Balancing
My setup is as follows:
Two WAN links (possibly one more in the future):
WAN1: 100 Mbps
WAN2: 2 Mbps (for OOB and emergency access for 3 computers that always need access for administrative stuff, email and such)
So far, the configuration sort of works, because I'm getting an odd behavior using the "Priority mode" on the Routing Policy.
Since I'm using OpenDNS to control DNS requests and navigation, I can see the DNS requests on both WANs (different ISPs, so no issue of mixing traffic there).
For some unknown reason, I can see a bunch of DNS requests on WAN2, but the traffic goes to WAN1. How do I know that? Because WAN2 on OpenDNS has many things restricted, like YT, Instagram and stuff that consumes bandwidth, while WAN1 has a green pass for those pages. And I have configured OpenDNS in such a way that the blocking page says WAN1 or WAN2 depending on what is getting blocked.
So, that being said, I have 100% certainty that for some unknown reason, the router is not detecting correctly that WAN1 is online and routes the traffic to WAN2. Why? Because most of the users of that group are getting an OpenDNS page saying the page was blocked on WAN2, when they are supposed to be on WAN1 with no blockage.
You can see the difference in requests:
[Images: requests from WAN1 and from WAN2]
Strangely enough, the difference in requests is about half between the two, which is also odd. I should be getting almost 90% of DNS requests on my WAN1, and almost nothing on WAN2.
Now, the behavior per se is not so incorrect; it is true that I want only the VIP_Access group to have access to WAN2 when WAN1 goes down, but then, how come the rest of the users who have WAN1 as their only route have no issue? Why is the "priority mode" not working as expected?
Knowing that, there is something that I need to understand, and that goes back to "Load Balancing". On my setup, I DO NOT want Load balancing, what I want is:
- one group of users going to WAN1,
- servers going to WAN2 and
- a handful of users to go to WAN1 when it is online, if not, go to WAN2
So far, the router is doing what it is configured to, except the last bit, which is a "sort of".
For this setup to work, do I need to have "Load balancing" or "Application Optimized Routing" enabled so policy routing works?
I ask this because the "Online Detection" is in the "Load Balancing" section. Since both are part of the "Transmission" section, I do not know if all those main sections (NAT, Bandwidth Control, Session Limit, Load Balancing, Routing) work together or can be configured independently of each other (sadly the user manual is not so specific about it).
Another thing that I wanted to know about the "Online detection" is which option is the best to detect the online link. Do I need both ping and DNS lookup? Will it be more accurate and give fewer false reports? Before, I was using ping only and then changed to DNS lookup, but still got the same results. I am using OpenDNS servers as destinations for both of them since they are the DNS I use.
The router WORKS; for everything that I need, it is just fine, works great, but the whole routing part in "Priority mode" needs some work. And I need to fix the issue ASAP.