Excluding WAN from failover, but keep it active


#1

Peplink is managing 3 WANs and I would like to use 2 WANs for failover/overflow while the 3rd WAN should be used only for specific hosts. How do I achieve this?


#2

Create rule(s) in Outbound Policy using the Enforced algorithm to either A) send an entire network to the 3rd WAN or B) send individual IPs to the 3rd WAN. Option A will be easier to implement, as it requires a single rule. However you will need your network logically segmented (subnetted) to isolate those specific hosts. If you go with option B you should use DHCP reservations to bind the MAC addresses of these specific hosts to static IPs. Otherwise you will be forever updating those rule(s) every time one of those hosts gets a new DHCP address.

The two failover/overflow WANs will require a rule using the Overflow algorithm for failover. The Peplink determines which rule applies based on the order of the rules on the Outbound Policy page. Move the Enforced rule to the top, followed by the Overflow rule. Network traffic from the specific hosts will be caught by the first rule and sent out over WAN3. The rest of your traffic (which is not in the segmented LAN / IP address of those specific hosts) will then use the overflow rule to direct traffic out the higher priority WAN which is healthy (online) and not in full load.


#3

I think I’ve got an easier way to achieve this:

Line specs
WAN 1: 4/4
WAN 2: 16/4
WAN 3: 40/40 (capped at 200GB/month)

Peplink Balance settings

  • general rule is to overflow from WAN to WAN with priority WAN 1, WAN 2, WAN 3
  • WAN 1 configured as 4/4
  • WAN 2 configured as 20/6 (setting values to a higher limit than the line capability)

As a result, overflow from WAN 2 to WAN 3 should never occur as the overflow limit will never happen…

What do you think? Should it work?

Thanks!


#4

If WAN1 and WAN2 are down, may I know the clients allow to use WAN3? Or you just want the clients loose internet connection after both WANs are down?


#5

If I may, let me pose a similar question here.

In a Balance One we need to do have the following:
Configure WANs for both Overflow/ priority failover and to achieve least cost routing on particular WANs.

Here WAN 1,2, and 3 are low cost. WAN 4 and 5 are running high cost/limited bandwidth Vsat/ Inmarsat. On a vessel where the Internet connections will be constantly breaking and changing speed/health.

WAN 1, Wan 2, Wan 3 to be available to all subnets.

WAN 4, available only to a specified Owner subnet and hosts. Should also first use WAN 1,2,or 3 with Persistence and fail-over to WAN 4.

WAN 5, Only available to certain hosts (Not entire Manager subnet) if other WANs 1-4 become unavailable. Priority Failover.

The other subnets need to be prevented from ever accessing WAN 4 and Wan 5, though they need unrestricted Overflow/ Priority fail-over for WAN 1,2,3.

  1. Can this be done? At first glance I do not think an enforced rule for Owner subnet to WAN 4 would work. As this would always send traffic to WAN 4 regardless of its health. We want the Owners subnet to first look for WAN 1,2 or 3.

  2. How would you exclude a WAN from from being used by certain subnets when the other rules allow Overflow/Priority?

  3. Is it a matter of only using Weighted Balance or Persistence and setting weight of the excluded WAN to 0? Then create another rule with weight greater than 0 for the Owner subnet to use that WAN ?

  4. Will a Weighted Balance and Persistence balance set to 0 always keep traffic off a WAN? I have noticed that sessions from a host do not always terminate on link recovery when a >0 WAN comes back online.


#6

This can be achieved with settinngs below.

Create another 2 Vlans as below:

Untagged - VVIP
Vlan11 - VIP
Vlan12 - Normal user

If users are using Wifi connection, you may have 3 SSIDs below:

VVIP - tie with Untagged Vlan
VIP - tie with Vlan11
Normal user - tie with Vlan12

Create Outbound Policy below:

VVIP rule
Source: Untagged Vlan subnet
Destination: Any
Protocol: Any
Algorithm: Priority
Priority Order: 1) WAN1 2)WAN2 3)WAN3 4)WAN4 5)WAN5
Terminate Sessions on Link Recovery: Enable

VIP rule
Source: Vlan11 subnet
Destination: Any
Protocol: Any
Algorithm: Priority
Priority Order: 1) WAN2 2)WAN3 3)WAN1 4)WAN4
Terminate Sessions on Link Recovery: Enable

Default rule (Normal user)
Source: Vlan12 subnet
Destination: Any
Protocol: Any
Algorithm: Priority
Priority Order: 1) WAN3 2)WAN1 3)WAN2
Terminate Sessions on Link Recovery: Enable

Hope this help.