Failover configuration trouble

anatoly.kryzhanovsky · August 8, 2018, 8:24am

good day all
two days ago i started experiments with vyos - i want to setup it as gateway with failover.
i have following environment:
eth0 - this is connection to my first (main) ISP with DHCP
eth1 - connect to my LAN (subnet 192.168.1.1/24, dedicated DHCP on other machine, so DHCP also)
eth2 - this is connection to my second ISP provider (reserve) with DHCP

now i setup loadbalancer with following config:
interfaces {
ethernet eth0 {
address dhcp
description WAN
duplex auto
hw-id …
smp_afinity auto
speed auto
}
ethernet eth1{
address dhcp
description LAN
duplex auto
hw-id …
smp_affinity auto
speed auto
}
ethernet eth2 {
address dhcp
description “WAN RESERV”
duplex auto
hw-id …
smp_affinity auto
speed auto
}
loopback lo {
}
}
load-balancing {
wan {
interface-health eth0 {
failure-count 2
nexthop dhcp
success-count 1
test 10 {
resp-time 5
target 8.8.8.8
ttl-limit 1
type ping
}
}
interface-health eth2 {
failure-count 2
nexthop dhcp
success-count 1
test 10 {
resp-time 5
target 8.8.8.8
ttl-limit 1
type ping
}
}
rule 10 {
failover
inbound-interface eth1
interface eth0 {
weight 10
}
interface eth2 {
weight 1
}
protocol all
}
}
}

no other NAT rules

the problem:
if all interfaces (eth0 and eth2) are connected to internet all works fine. But if i disconnected one of them - internet access failed, but i’m still can ping gateway of my ISP from VyOS machine, and i can ping appropriate interface from client machine.
If i reboot VyOS machine client has internet access, but if i switch interfaces (return eth0 back and remove eth1) - situation will repeat again…

more detailed explanation (for example):
eth0: 10.1.37.18 (gateway 10.1.37.1)
eth1: 192.168.1.1
eth2: 168.12.1.37 (gateway 168.12.1.1)
client: 192.168.1.2

all interfaces are up - all work fine
now i’m remove eth0
VyOS machine can’t ping 8.8.8.8
VyOS machine can ping 168.12.1.1 (isp2 gateway)
client can’t ping 8.8.8.8
client can ping 192.168.1.1 (VyOS)
client can’t ping 168.12.1.37 (isp2 gateway)

return eth0 back - and internet access already here! or i can restart VyOS machine and internet here through eth2

this situation can be reproduced with eth2…

ciprian.craciun · August 8, 2018, 1:55pm

During the time when one of the ISP interfaces is down what do the following commands output:

sudo ip route show
sudo ip rule show
sudo ip route show table all

anatoly.kryzhanovsky · August 11, 2018, 4:51pm

thanks for answering, but problem dissapeared after reinstall vyos, so now all works perfectly!

system · August 13, 2018, 4:51pm

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.