Easier Management of OBP Rules

markCHI · November 7, 2024, 12:53pm

I use a MAX-BR2 in my motorhome and my WAN connections will vary depending on where I am. I have a lot of OBP rules that use priority and I may need to change that depending on where I am. For example, if I have great Cell reception and unlimited data i’d want that to be priority 1, but in remote areas, I usually want starlink to be Priority 1. I know you could probably accomplish this with different algorithms like lowest latency, fastest response, but as a user I have no clue which WAN is being used at any time. I really want to use priority

This means I have to edit about 20 OBP rules. This could be MUCH easier with either of these features:

Add network device groups. So I could add a set of IP or MAC addresses to a group and then create a single policy for the whole group. So my Source would be “IP Group” or “MAC Group”
Define WAN Groups. This would allow me to select specific WAN groups. For example a group called WAN priority where I could assign Starlink as 1 and 5G internet as 2. and assign this in a policy. This way if I get to a new location and I want to flip the priority, I edit one group instead of 20 rules

Thanks
Mark

bryn.loftus · November 7, 2024, 10:54pm

The first one exists, its called “Grouped Networks” for IP address’ (and domain names in the most recent firmware) and for MAC address’ its “Access Control Lists”.

They are both in IC2 under the same menu as Outbound Policy.

bryn.loftus · November 7, 2024, 10:58pm

The second one exists within outbound policy, for example if you choose “priority” as your type you can then select the wans in order.

you could have two outbound policy rules, that have whatever source/destination’s you want in them and first one is starlink then 5g and the second rule is 5g then starlink.

rules apply top down until a match is hit, so by changing the order of the rules (drag and drop) you can flip which one is used.

you can even do that in conjunction with the network groups (or applications) and have multiple sets so they have different outcomes by source device or destination or application if you want.

Mark_Anderson7878 · November 8, 2024, 1:37am

It doesn’t exist. I have about 20 IP’s I want to use priority and I have to setup and maintain 20 rules which sucks

bryn.loftus · November 8, 2024, 5:12am

Which part doesn’t exist?

Creating Grouped Network of IPs:
Screenshot 2024-11-08 160817

In Outbound policy, two rules that use it as source with different outcomes:

the rules have the source as the group, and set the priority in the order you want:

By dragging one of those rules above the other, it will take precedence.

padaco-daniel · November 8, 2024, 10:37am

It’s also Available in the local GUI of the devices. Under Advanced → Grouped Networks.
In the Outbound Policies you can then select the Grouped Networks instead of a subnet.

markCHI · November 8, 2024, 12:55pm

Thanks maybe I’m missing something, can I enter individual IP’s under grouped networks?

for example
192.169.50.62 255.255.255.0/24
192.169.50.84 255.255.255.0/24

If so, that’s awesome

Thanks

Mark

Andrew_Fidel · November 8, 2024, 3:16pm

For individual IPs you’d select the mask as 255.255.255.255, that’s the mask for a single IP address.

Mark_Anderson7878 · November 9, 2024, 1:40am

Thanks a lot for help and info