Outbound policy unresponsive (Balance One Core)


#1

We are working on a Balance One Core to which is connected a good quality Ethernet connection (WAN1) and a 4G USB modem. We’re having certain issues with connectivity between one of the router’s clients, a radio repeater, and the server to which it is connected. As one step in troubleshooting, we changed the Priority WAN from 4G (the usual setting) to Ethernet. Importantly, the rule is the first rule in the list. “Terminate Sessions on Link Recovery” is checked. The client is defined in the rule by IP address. What we’ve found is that the Balance often ignores the outbound setting when we invoke a procedure such as this:

  1. Change the Priority WAN in the rule and save it.
  2. Perform a hard (power off/on) restart of the client (the repeater – done remotely via web switch).
  3. Confirm that the outbound policy took effect.

Any thoughts on this? (I might add that we’ve been able to reproduce this behavior at two other locations with Balance One Core devices.)


Outbound rules not working
Firmware 8.0 Beta 3 question
#2

I have seen the same problem on my Balance 30. Simple experiment:

  • Set outbound policy for an IP address to force to go over WAN1
  • Check traffic in status -> active sessions to verify it does go over WAN1
  • Set outbound policy for the same IP Address to force to go over WAN3
  • Check traffic in status -> active sessions. Traffic still goes out over WAN1. Even after a reboot of the client device in question.

The way it seems you can work around this is by assigning a different IP address to the client device, and change the rule to reflect the new IP address of course.

Bug?


#3

Hi @barthold. Yes, exactly. The procedure you suggest will reveal the same problem I have described. And, yes indeed I believe it is a bug in the firmware. Outbound policy has “sorta gotta” work as intended if SD-WAN is to make any sense at all. (The work-around will also work – if one has the luxury of changing client addresses whenever a change in outbound policy is needed.)

Perhaps we can get one of the Peplink engineers to try this in their lab?


#4

That would be great :slight_smile: I have no idea how though.

Barthold


#5

@Rick-DC

Do help me to understand the issue as the explanation given previously a bit confusing.

“Terminate Sessions on Link Recovery” involved of link recovery process in-order the old sessions will be terminated and waiting new sessions to be forwarded back to the highest priority WAN. I will further confirm this and update you shortly.

The above a bit confusing, outbound policy took effect ? Would you kindly explain further ?


#6

@barthold,

May i know which outbound policy algorithm you are referring ? Enforce ? I may need to further confirm this.


#7

Hi @sitloongs. Yes, I was not sufficiently specific. Sorry about that. “Enforce” works fine. “Priority” once worked as intended but now seems not to.

I describe a situation where two WANs are available and the client’s outbound traffic is assigned to the lower priority WAN when the one as set to higher priority is available and healthy. In each case, for testing, the "rule was set as the first rule in the list so there would be no question as to whether a higher priority rule was invoked. The subject device was identified by IP address (rather than MAC ID) and is on the address reservation list (not static.).


#8

@Rick-DC

Thank you for the clarification. I got you now. Let me further confirm this and update later.


#9

Priority and Enforced didn’t work for me. I am on 7.1.1.

Barthold


#10

@barthold

Noted. Let me confirm the behavior and update you again.


#11

@sitloongs Hi. I wonder if you have learned anything about this. I don’t see this covered in the release notes for 7.1.2 or 8.0. - Rick


Forwarding Specific traffic through 1 Cellular
#13

@Rick-DC, we are working on the fixes. Target to fix this in 8.0.0.

Thanks.


Outbound rules not working
#14

Hi, i configured both ISP in my wan link but unortunailty not getting full speed as per what actual i am getting from ISP, Outbound policy is persistence.
Please any one can help me in this. thanks