Posted: Tue Jul 07, 2020 2:28 Post subject: R7800 Dual WAN Failover with DHCP
Hi awesome people.
I've got an R7800 running DD-WRT v3.0-r40559 std (08/06/19).
It's an internal gateway (not edge router) and OpenVPN client, serving a dedicated VPN subnet. It was pretty tricky to get it running near flawlessly. So, now I want to screw it up, obviously.
Xfinity was down for about an hour today. So, I pulled out my old GLI MT300N mini router, plugged my Samsung S9 into its USB port, and plugged my edge router's WAN port into its LAN port. Slow but functional. Two Netflix watchers barely noticed.
As a test case, I'd like to automate this to some extent, by having a dual WAN with failover -- but on the R7800 VPN router for now.
Ideally I would ditch the MT300N, but a few attempts at getting USB0 up and running in DD-WRT turned me off. For now I'm happy to focus on having two WAN ethernet ports and let the mini handle USB, which it does really well.
Tl;dr requirements:
- Maintain primary role as gateway and VPN client, including kill switch and some iptables and dnsmasq rules to handle local network traffic even when VPN is down.
- Allow failover to secondary WAN when primary is down.
- Have this not break the GUI (see my notes about the VLANs below).
Current port setup, pretty vanilla:
- Port 5 is WAN (DHCP client). Switch config shows vlan2.
- Ports 1-3 are LAN and unused, switch config shows vlan1.
- Port 4 is connected to the LAN port of the MT300N, this can be static or DHCP but I'd prefer DHCP. Switch config shows vlan1.
- vlan0 is empty, at least in the GUI
I've checked out the instructions here: https://wiki.dd-wrt.com/wiki/index.php/Dual_WAN_with_failover. But without a DHCP example I lose the plot pretty quickly. I am also a little confused by the disconnect between the VLAN GUI and what's reported by nvram - this is actually what freaked me out when I was trying the instructions - I ended up with 3 VLANs reported by nvram and nothing matched the GUI.
Totally forgot to link that thread earlier. May be of some help
Got it - a shitload of good info - thanks panic.
For now, I landed on just physically swapping the WAN port ethernet whenever I want to use mobile data.
Android issues actually cooled me off on the whole idea. It's almost impossible to get an S9 to (consistently) turn on tethering, without manual intervention.
Maybe I could do a wireless bridge (phone hotspot) for failover, but, that would probably be an even bigger config nightmare. Plus, no reason to think the hotspot will be more reliable than the USB tether.