Router with failover line
The last month i worked in the Nairobi Office. For internet we have a KDN-Fibre. Because it’s so often down we also have a KDN-Wimax line. But even with this configuration sometimes we have downtimes so we also ordered a ZUKU Wimax line.
Both KDN lines use the same IP. I don’t think it’s easy possible to have them both plugged into the router for redundancy. So when the fiber is down someone has to unplug and plug the wimax cable. for the ZUKU line i wanted a better solution. if KDN has a problem the ZUKU line should take over automatically. The first approach was to use an old PC with linux installed and three network cards. But there are a few serious drawbacks. A whole PC uses lots of Power. It’s expensive, heats up the office, it’s not so green and if we have a power cut it drains the backup battery faster. A router with redundant line capabilities is quite expensive… and also uses lots of power. It’s also over sized for our little office.
But there is openwrt and a few similar projects. They provide a linux distribution which you can install on a few cheap and small wireless routers. These routers with almost no functionality can get very powerful devices with a proper Operating System installed on them.
It was really hard to find a supported router in Nairobi. In Switzerland you can get them in lots of online and offline shops. Here we had to find someone who specialized only in routers. The one we bought was a Linksys WRT54GL. The next Step was to install the openwrt OS on it. There are two flavors, used the Kamikaze, it’s more modern! You can use the original webinterface to upload the new firmware. There is a Page with all the ways how to install it. The router now has a very powerful web interface. You can already add multiple WAN interfaces. I created one for the ZUKU line called zukuwan. You also have to add a third vpn (*1) which uses one of the LAN ports and uses the zukuwan network. i also had to add that zukuwan network to the WAN zone of the firewall. To modify the firewall settings i had to install the luci firewall packet (*2).
You can check if both WAN lines are properly working when you plug only one WAN line and restart the router.
A nice guy created a script which ads line balancing and failover support. For this some rather complex routing stuff is required. The script manages that and also checks if a line is down. You have to add the packages multiwan and luci-app-multiwan (config interface) from https://forum.openwrt.org/viewtopic.php?id=23904.
After you installed the packages you have a multi-wan configuration page in the network menu. Remove there the wan2 config and add a new one called zukuwan or however you called your second WAN connection. You can also remove all of the entries in mwanfw. The default route should be fastbalancer. Set the failover_to for each interface to the other one.
After this it should work. If it’s not working ther is a way to check. You can connect via ssh to the router if you changed your password. There type
ip route show table 123
This should give two default routes. If you plug out one cable it should take about 10 to 20 seconds and then this route should be removed.
(*1) Go to the Administration/Network/Switch Page. Add an interface ethX.2. set it to the ports 0 and 5. Remove Port 0 from ethX.0. For the second WAN connection set eth0.2 as Interface.
(*2) Go to Administration/Overview/LuCI Components. Check luci-app-firewall package and press the Install button. After a restart you have the Administration/Network/Firewall config page. Select wan and zukuwan for the wan Zone.