PBR + wan failover

Modifying all the lab I have, I get the following results.
First, the scenario is:

  • eth1: WAN01
  • eth2: WAN02
  • eth3: LAN, which has 2 networks (192.168.88.0/24 and 192.168.99.0/24), and then 2 VLANs.

Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
eth0             -                                 u/u  
eth1             10.1.1.2/24                       u/u  To R01 
eth2             10.2.2.2/24                       u/u  To R02 
eth3             192.168.99.1/24                   u/u  LAN 
                 192.168.88.1/24
eth3.100         192.168.100.1/24                  u/u  
eth3.200         192.168.200.1/24                  u/u  

Wan Loadbalancing config:

  • VLAN 100 through WAN01, and backup WAN02
  • VLAN 200 through WAN02, and backup WAN01
  • Network 192.168.88.0/24, same behaviour as VLAN 200
  • Network 192.168.99.0/24: not affected by WAN Load Balancing.

vyos@R03:~$ show config comm | grep wan
set load-balancing wan interface-health eth1 failure-count '1'
set load-balancing wan interface-health eth1 nexthop '10.1.1.1'
set load-balancing wan interface-health eth1 success-count '1'
set load-balancing wan interface-health eth2 failure-count '1'
set load-balancing wan interface-health eth2 nexthop '10.2.2.1'
set load-balancing wan interface-health eth2 success-count '1'
set load-balancing wan rule 10 failover
set load-balancing wan rule 10 inbound-interface 'eth3.100'
set load-balancing wan rule 10 interface eth1 weight '100'
set load-balancing wan rule 10 interface eth2 weight '10'
set load-balancing wan rule 10 protocol 'all'
set load-balancing wan rule 20 failover
set load-balancing wan rule 20 inbound-interface 'eth3.200'
set load-balancing wan rule 20 interface eth1 weight '10'
set load-balancing wan rule 20 interface eth2 weight '100'
set load-balancing wan rule 20 protocol 'all'
set load-balancing wan rule 30 failover
set load-balancing wan rule 30 inbound-interface 'eth3'
set load-balancing wan rule 30 interface eth1 weight '10'
set load-balancing wan rule 30 interface eth2 weight '100'
set load-balancing wan rule 30 protocol 'all'
set load-balancing wan rule 30 source address '192.168.88.0/24'

PBR routing affecting only network 192.168.99.0/24 on eth3:

  • Set different table and test

vyos@R03:~$ show config comm | grep pol
set interfaces ethernet eth3 policy route 'POL-ETH3'
set policy route POL-ETH3 rule 10 set table '10'
set policy route POL-ETH3 rule 10 source address '192.168.99.0/24'

vyos@R03:~$ show config comm | grep "table 10"
set protocols static table 10 route 0.0.0.0/0 next-hop 10.1.1.1
set protocols static table 10 route 1.1.1.1/32 blackhole

Results:

  • WAN load balancing is working as expected, switching from main to backup when one of the links goes down. (Applies to both VLANs and to network 192.168.88.0/24.)
  • As for network 192.168.99.0/24, static PBR is applied, so no failover mechanism is working on it, and it's always being routed according to the content of routing table 10.

Hope this might be helpful for you!
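
The behaviour reported in the post above, as an added example that is not part of the original post and is not VyOS code: a simplified Python model that parses a subset of the posted `set` commands and shows which path each source network takes as WAN health changes. Assumptions: the lowest-numbered matching WAN rule wins, failover picks the highest-weight healthy interface, and table 10 is treated as static, as the post's results describe; `parse` and `egress` are hypothetical helper names.

```python
import ipaddress
import shlex
# Constructed input: a subset of the `set` commands shown in the post.
CONFIG = """
set load-balancing wan rule 10 inbound-interface 'eth3.100'
set load-balancing wan rule 10 interface eth1 weight '100'
set load-balancing wan rule 10 interface eth2 weight '10'
set load-balancing wan rule 30 inbound-interface 'eth3'
set load-balancing wan rule 30 interface eth1 weight '10'
set load-balancing wan rule 30 interface eth2 weight '100'
set load-balancing wan rule 30 source address '192.168.88.0/24'
set interfaces ethernet eth3 policy route 'POL-ETH3'
set policy route POL-ETH3 rule 10 set table '10'
set policy route POL-ETH3 rule 10 source address '192.168.99.0/24'
set protocols static table 10 route 0.0.0.0/0 next-hop 10.1.1.1
"""

def parse(config):  # returns (wan_rules, pbr) built from `set` commands
    rules, pbr = {}, {}
    for line in config.strip().splitlines():
        t = shlex.split(line)[1:]  # drop 'set'; shlex strips the quotes
        if t[:3] == ["load-balancing", "wan", "rule"]:
            r = rules.setdefault(int(t[3]), {"in": None, "src": None, "weights": {}})
            if t[4] == "inbound-interface":
                r["in"] = t[5]
            elif t[4] == "interface":
                r["weights"][t[5]] = int(t[7])
            elif t[4:6] == ["source", "address"]:
                r["src"] = ipaddress.ip_network(t[6])
        elif t[0] == "interfaces" and t[3:5] == ["policy", "route"]:
            pbr["in"] = t[2]
        elif t[:2] == ["policy", "route"] and t[5:7] == ["source", "address"]:
            pbr["src"] = ipaddress.ip_network(t[7])
        elif t[:2] == ["policy", "route"] and t[5:7] == ["set", "table"]:
            pbr["table"] = t[7]
        elif t[:3] == ["protocols", "static", "table"] and t[5:7] == ["0.0.0.0/0", "next-hop"]:
            pbr["next_hop"] = t[7]
    return rules, pbr

def egress(rules, pbr, in_if, src, up):
    """Model the path for a packet from `src` entering `in_if`; `up` = healthy WANs."""
    ip = ipaddress.ip_address(src)
    for _, r in sorted(rules.items()):  # WAN rules, lowest number first
        if r["in"] == in_if and (r["src"] is None or ip in r["src"]):
            alive = {i: w for i, w in r["weights"].items() if i in up}
            return max(alive, key=alive.get) if alive else None
    if in_if == pbr["in"] and ip in pbr["src"]:  # static PBR: `up` is not consulted
        return f"table {pbr['table']} via {pbr['next_hop']}"
    return "main table"
```

With eth1 marked unhealthy, the model moves 192.168.100.0/24 and 192.168.88.0/24 to the surviving WAN, while 192.168.99.0/24 still resolves to table 10 via 10.1.1.1.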