mwan3 负载平衡 多PPPOE账号 LTE WIFI 负载均衡
OpenWrt上的MWAN3可以支持多根网线或者多个PPPOE账号的同时拨号使用和负载均衡。并且还可以通过Ping方式来检测中断线路并自动屏蔽中断线路。
mwan3的详细介绍
https://openwrt.org/docs/guide-user/network/wan/multiwan/mwan3
说白了,就是可以负载平衡。多个口负载一块。也就是说,你有两个运营商账号
账号A是100M,B是200M,使用mwan3,同时使用。也就是可以100+200, 300M网速。
下面的配置记录,是做LTE和WIFI(STA上网,类似于wifi桥接),这样LTE和WIFI,可以保持用户,无论LTE或者WIFI网络不好时候,保证用户的上网稳定。
类似于优先用户上网正常,WIFI没网络就切换到LTE,LTE没网络,就切换到WIFI。
前段时间做过。具体流程,等有空更新一波。
我使用的是平台 openwrt + mtk7621
配置network
root@OpenWrt:~# cat /etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd6b:0d06:1413::/48'
config interface 'lan'
option ifname 'eth0'
option force_link '1'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.0.1'
option netmask '255.255.255.0'
option ip6assign '60'
option macaddr 'FF:FF:FF:FF:FF:FF'
config interface 'wan'
option proto 'dhcp'
option macaddr 'FF:FF:FF:FF:FF:FF'
option ifname 'eth1' //LTE模式
option metric '20' //添加
config interface 'wan0'
option ifname 'wlan0' //WIFI模式
option metric '10'
option proto 'dhcp'
option metric '10' //添加
config interface 'wan6'
option ifname '@wan'
option proto 'dhcpv6'
配置Firewall
root@OpenWrt:~# cat /etc/config/firewall
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
config zone
option name 'lan'
list network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
config zone
option name 'wan'
list network 'wan'
list network 'wan0' //添加
list network 'wan6'
option input 'REJECT'
option output 'ACCEPT'
option forward 'ACCEPT'
option masq '1'
option mtu_fix '1'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fe80::/10'
option src_port '547'
option dest_ip 'fe80::/10'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'
config include 'miniupnpd'
option type 'script'
option path '/usr/share/miniupnpd/firewall.include'
option family 'any'
option reload '1'
root@OpenWrt:~# ip route show
default via 192.168.154.1 dev wlan0 proto static metric 10
default via 10.158.172.222 dev eth1 proto static metric 20
10.0.0.1 dev eth1 proto static scope link metric 20
10.158.172.220/30 dev eth1 proto static scope link metric 20
192.168.0.0/24 dev br-lan proto kernel scope link src 192.168.0.1
192.168.154.0/24 dev wlan0 proto static scope link metric 10
root@OpenWrt:~# ping -c 1 -I eth1 www.baidu.com
PING www.baidu.com (115.239.211.112): 56 data bytes
64 bytes from 115.239.211.112: seq=0 ttl=51 time=151.846 ms
--- www.baidu.com ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 151.846/151.846/151.846 ms
root@OpenWrt:~# ping -c 1 -I wlan0 www.baidu.com
PING www.baidu.com (115.239.211.112): 56 data bytes
--- www.baidu.com ping statistics ---
1 packets transmitted, 0 packets received, 100% packet loss
配置mwan3
root@OpenWrt:/# cat /etc/config/mwan3
config interface 'wan'
option enabled '1'
list track_ip '8.8.4.4'
list track_ip '8.8.8.8'
list track_ip '208.67.222.222'
list track_ip '208.67.220.220'
option reliability '2'
option count '1'
option timeout '2'
option interval '5'
option down '3'
option up '8'
config interface 'wan2'
option enabled '0'
list track_ip '8.8.8.8'
list track_ip '208.67.220.220'
option reliability '1'
option count '1'
option timeout '2'
option interval '5'
option down '3'
option up '8'
config member 'wan_m1_w3'//***************重点*************
option interface 'wan'//***************重点*************LTE
option metric '1'
option weight '3'
config member 'wan_m2_w3'
option interface 'wan'
option metric '2'
option weight '3'
config member 'wan2_m1_w2'//***************重点*************
option interface 'wan0'//***************重点*************WIFI
option metric '1'
option weight '2'
config member 'wan2_m2_w2'
option interface 'wan0'
option metric '2'
option weight '2'
config policy 'wan_only'
list use_member 'wan_m1_w3'
config policy 'wan2_only'
list use_member 'wan2_m1_w2'
config policy 'balanced' //***************重点*************
list use_member 'wan_m1_w3'//***************重点*************
list use_member 'wan2_m1_w2'//***************重点*************
config policy 'wan_wan2'
list use_member 'wan_m1_w3'
list use_member 'wan2_m2_w2'
config policy 'wan2_wan'
list use_member 'wan_m2_w3'
list use_member 'wan2_m1_w2'
config rule 'sticky_even'
option src_ip '0.0.0.0/0.0.0.1'
option dest_port '443'
option proto 'tcp'
option use_policy 'wan_wan2'
config rule 'sticky_odd'
option src_ip '0.0.0.1/0.0.0.1'
option dest_port '443'
option proto 'tcp'
option use_policy 'wan2_wan'
config rule 'default_rule'
option dest_ip '0.0.0.0/0'
option use_policy 'balanced'
root@OpenWrt:/#
https://blog.csdn.net/qq_17308321/article/details/62422419
# This is a mwan3 example config. For mwan3 to work you will need at least这是mwan3的设置示例。至少需要以下几项才能运行mwan3)
#
# - 2 interfaces(2个接口)
# - 2 members(2个成员)
# - 1 policy(1个策略)
# - 1 rule(1条规则)
#
# First define all your wan interfaces. Interface name must match with the
# name used in your network configuration:
(首先要设置所有的wan口,wan口的名字必须跟network配置文件中的wan口名字一致)
config 'interface' 'wan1'
option 'enabled' '1'
list 'track_ip' '8.8.4.4'(这些IP都是测试IP,验证是否能ping的通。这里有4个,前两个都是google提供的免费DNS服务器,国内访问应该比较慢。)
list 'track_ip' '8.8.8.8'
list 'track_ip' '208.67.222.222'
list 'track_ip' '208.67.220.220'
option 'reliability' '2'(可靠性,测试以上IP的可靠性,必须是有响应的链接的个数。简单说就是要求上面的ip几个能ping通)
option 'count' '1'(ping几次)
option 'timeout' '2'(ping后如果超时,超时几秒)
option 'interval' '5'(多次ping之间的间隔时间)
option 'down' '3'(出现几个ping不通时就认定该wan口掉线了)
option 'up' '8'(出现几个ping能成功时就认定已经掉线的wan口又上线了)
config 'interface' 'wan2'
option 'enabled' '1'
list 'track_ip' '8.8.8.8'
list 'track_ip' '208.67.220.220'
option 'reliability' '1'
option 'count' '1'
option 'timeout' '2'
option 'interval' '5'
option 'down' '3'
option 'up' '8'
# Next define a member and configure metric and weight values for this member.(接着设置一个成员的权重和跃点值)
# Each interface can have multiple member definitions. Give each member a correct(每一个接口可以含有多重成员定义。每一个成员名称必须有正确的名称)
# name (A-Z, a-z, 0-9, "_" and no spaces).
config 'member' 'wan1_m1_w3'
option 'interface' 'wan1'
option 'metric' '1'(1-1000的范围)
option 'weight' '3'(1-1000的范围)
config 'member' 'wan1_m2_w3'
option 'interface' 'wan1'
option 'metric' '2'
option 'weight' '3'
config 'member' 'wan2_m1_w2'
option 'interface' 'wan2'
option 'metric' '1'
option 'weight' '2'
config 'member' 'wan2_m2_w2'
option 'interface' 'wan2'
option 'metric' '2'
option 'weight' '2'
# After that create a routing policy. A routing policy consist of one or more(然后创建一条路由策略。包括一个或者几个成员。每个策略必须有正确的名称。可以创建多重策略,以至于可以使不同的通信走不同的主/次wan口)
# members. Give each policy a correct name (A-Z, a-z, 0-9, "_" and no spaces). You
# can create multiple policies, so that it is possible for different traffic to
# have different primary and/or backup interfaces.
config 'policy' 'wan1_only'(只走wan1)
list 'use_member' 'wan1_m1_w3'
config 'policy' 'wan2_only'(只走wan2)
list 'use_member' 'wan2_m1_w2'
config 'policy' 'wan1_wan2_loadbalanced'(wan1、wan2负载平衡)
list 'use_member' 'wan1_m1_w3'
list 'use_member' 'wan2_m1_w2'
config 'policy' 'wan1_pri_wan2_sec'(wan1主,wan2次)
list 'use_member' 'wan1_m1_w3'
list 'use_member' 'wan2_m2_w2'
config 'policy' 'wan2_pri_wan1_sec'(wan2主,wan1次)
list 'use_member' 'wan1_m2_w3'
list 'use_member' 'wan2_m1_w2'
# And to finish the config define your traffic rules. Rules are matched in top to(最后来设置通信规则。他是从你设置的规则由上到下依次匹配,如果你定义的一条规则匹配上了,后面的规则都将忽略。如果平衡选项已经设置,mwan3将使每一个新的包走同一个目标主机地址来到达负载平衡,如果没有设置,那么mwan3会根据目标地址自动负载平衡)
# bottom order. If you define a rule and it matches, all following rules are ignored.
#
# If the option equalize is set, mwan3 will load-balance each new session to the same
# host. If not set, it will load-balance based on destination.
config 'rule'
option 'src_ip' '192.168.21.0/24'(源IP,支持网段的表示方法)
option 'proto' 'tcp'(指定协议)
option 'dest_port' '563'(目标端口)
option 'use_policy' 'wan2_only'(指定走上面设定的哪个策略)
config 'rule'
option 'src_ip' '192.168.21.0/24'
option 'proto' 'tcp'
option 'dest_port' '995'
option 'use_policy' 'wan1_only'
config 'rule'
option 'dest_ip' '88.154.0.0/16'(目标IP)
option 'proto' 'tcp'
option 'dest_port' '1024:65535'(1024-65535的所有端口)
option 'equalize' '1'(1为选中。如果选中,mwan3将使每一个新的包走同一个目标主机地址来到达负载平衡。如果没有,那么mwan3会根据目标地址自动负载平衡)
option 'use_policy' 'wan1_wan2_loadbalanced'
config 'rule'
option 'dest_ip' '77.11.41.0/24'
option 'proto' 'tcp'
option 'dest_port' '1024:65535'
option 'use_policy' 'wan1_pri_wan2_sec'
config 'rule'
option 'dest_ip' '112.136.0.0/16'
option 'proto' 'udp'
option 'dest_port' '5352'
option 'use_policy' 'wan2_pri_wan1_sec'
config 'rule'
option 'dest_ip' '0.0.0.0/0'
option 'use_policy' 'wan1_wan2_loadbalanced'
else // no psw
{
my_printf(LOG_MODE_LEVEL_3,"%s(%d) security_mode is %s \n",__FUNCTION__,__LINE__,security_mode);
system("uci set network.wan.ifname=wlan0");
system("uci set CusCMCfg.Mode.EncMode=Disable");
system("uci commit");
system("ifup wan&");
system("ifup wan0&");//up eth1
system("killall wpa_supplicant");
sleep(1);
system("wpa_supplicant -Dnl80211 -iwlan0 -c /etc/config/8192eeshare &");
//system("/etc/init.d/dnsmasq restart");
sleep(3);
}
root@OpenWrt:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.154.1 0.0.0.0 UG 10 0 0 wlan0
0.0.0.0 100.112.252.37 0.0.0.0 UG 20 0 0 eth1
10.0.0.1 0.0.0.0 255.255.255.255 UH 20 0 0 eth1
100.112.252.36 0.0.0.0 255.255.255.252 U 20 0 0 eth1
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan
192.168.154.0 0.0.0.0 255.255.255.0 U 10 0 0 wlan0
root@OpenWrt:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.154.1 0.0.0.0 UG 10 0 0 wlan0
0.0.0.0 100.112.252.37 0.0.0.0 UG 20 0 0 eth1
10.0.0.1 0.0.0.0 255.255.255.255 UH 20 0 0 eth1
100.112.252.36 0.0.0.0 255.255.255.252 U 20 0 0 eth1
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan
192.168.154.0 0.0.0.0 255.255.255.0 U 10 0 0 wlan0
root@OpenWrt:~#
root@OpenWrt:~#
root@OpenWrt:~#
root@OpenWrt:~#
root@OpenWrt:~# ping -c 1 -I eth1 www.baidu.com
PING www.baidu.com (115.239.211.112): 56 data bytes
64 bytes from 115.239.211.112: seq=0 ttl=53 time=84.848 ms
--- www.baidu.com ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 84.848/84.848/84.848 ms
root@OpenWrt:~# ping -c 1 -I wlan0 www.baidu.com
PING www.baidu.com (115.239.210.27): 56 data bytes
64 bytes from 115.239.210.27: seq=0 ttl=51 time=206.639 ms
--- www.baidu.com ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 206.639/206.639/206.639 ms
root@OpenWrt:~#
root@OpenWrt:~# mwan3 restart
sh: enabled: unknown operand
sh: enabled: unknown operand
root@OpenWrt:~# mwan3 status
Interface status:
Interface wan is online (tracking active)
Interface wan0 is online (tracking active)
Policy balanced:
wan0 (40%)
wan (60%)
Policy wan2_only:
wan0 (100%)
Policy wan2_wan:
wan0 (100%)
Policy wan_only:
wan (100%)
Policy wan_wan2:
wan (100%)
Known networks:
destination policy hits
-----------------------------------------------
127.0.0.0/8 default 6
224.0.0.0/3 default 0
10.0.0.1 default 0
100.112.252.36/30 default 20
192.168.0.0/24 default 4
192.168.154.0/24 default 10
100.112.252.36 default 0
100.112.252.38 default 20
100.112.252.39 default 0
127.0.0.0 default 0
127.0.0.0/8 default 6
127.0.0.1 default 6
127.255.255.255 default 0
192.168.0.0 default 0
192.168.0.1 default 4
192.168.0.255 default 0
192.168.154.0 default 0
192.168.154.103 default 9
192.168.154.255 default 0
Active rules:
source destination proto src-port dest-port policy hits
--------------------------------------------------------------------------------------------------
0.0.0.0/0.0.0.1 0.0.0.0/0 tcp 0:65535 443 wan_wan2 0
0.0.0.1/0.0.0.1 0.0.0.0/0 tcp 0:65535 443 wan2_wan 0
0.0.0.0/0 0.0.0.0/0 all balanced 27
root@OpenWrt:~#