Mwan
From Wiki of WFilter NG Firewall
(Difference between revisions)
(→WAN Failover) |
|||
(10 intermediate revisions by one user not shown) | |||
Line 5: | Line 5: | ||
== Solution == | == Solution == | ||
You need to define line solutions at first. For example: | You need to define line solutions at first. For example: | ||
− | * WAN1 Only: set WAN1 as a dedicated line for business servers only. | + | * "WAN1 Only": set WAN1 as a dedicated line for business servers only. |
− | * WAN2 & WAN3 Balanced: for office users to share these two lines. | + | * "WAN2 & WAN3 Balanced": for office users to share these two lines. |
− | * WAN3 Only: traffic to certain websites will be in this line. | + | * "WAN3 Only": traffic to certain websites will be in this line. |
− | You can add | + | You can add multiple line solutions, for each solution, you need to define the load balancing rank for every interface. |
− | [[File:ros_mwan_001.png| | + | [[File:ros_mwan_001.png|800px]] |
== Policy == | == Policy == | ||
A solution won't work without policy. Policy is the rule to define which traffic picks which solution. Settings: | A solution won't work without policy. Policy is the rule to define which traffic picks which solution. Settings: | ||
− | * Source | + | * Source: source ip address or ip range. You can define IP as "Any", "Single IP" or "IP Range". |
− | ** For "Single", a single ip or subnet is allowed(for example: 192.168.1.10 or 192.168.1.0/24). | + | ** For "Single IP", a single ip or subnet is allowed(for example: 192.168.1.10 or 192.168.1.0/24). |
− | ** For "Range", you need to input an ip range. | + | ** For "IP Range", you need to input an ip range. |
* Target, target ip or domain | * Target, target ip or domain | ||
− | ** For "Single" and "Range", the synax is the same as "Source | + | ** For "Single IP" and "IP Range", the synax is the same as "Source". |
− | ** For " | + | ** For "Customize", you can select traffic by "application type", "web categories", "countries and regions" or "custom IP or domains". |
+ | * Ports: target ports to be applied. | ||
− | [[File:ros_mwan_002.png| | + | [[File:ros_mwan_002.png|900px]] |
+ | |||
+ | [[File:ros_mwan_002_2.png|900px]] | ||
'''Please notice''': Rules are always processed from the top of a list down, first match wins. You may drag the re-order icon to re-order rules. | '''Please notice''': Rules are always processed from the top of a list down, first match wins. You may drag the re-order icon to re-order rules. | ||
− | [[File:ros_mwan_003.png| | + | [[File:ros_mwan_003.png|800px]] |
+ | |||
+ | == WAN Failover == | ||
+ | "WAN Failover" feature detects line availability, in case one line fails, interface load will be re-balanced. | ||
+ | * "WAN Failover" is disabled by default. | ||
+ | * If "reconnect" is enabled, WAN interfaces will be automatically restarted on failure. | ||
+ | * For "static ip" WAN interface, NGF will automatically ping WAN gateway to check. | ||
+ | * Use IP addresses for connection testing is recommended. | ||
+ | |||
+ | |||
+ | [[File:ros_mwan_004.png|800px]] | ||
== FAQ == | == FAQ == |
Latest revision as of 15:13, 27 July 2020
Contents |
[edit] 1 Muti-WAN
Muti-WAN enables you to set load balancing and advanced routing when you have multiple WAN interfaces. This module has no use if you only have one WAN interface.
[edit] 2 Solution
You need to define line solutions at first. For example:
- "WAN1 Only": set WAN1 as a dedicated line for business servers only.
- "WAN2 & WAN3 Balanced": for office users to share these two lines.
- "WAN3 Only": traffic to certain websites will be in this line.
You can add multiple line solutions, for each solution, you need to define the load balancing rank for every interface.
[edit] 3 Policy
A solution won't work without policy. Policy is the rule to define which traffic picks which solution. Settings:
- Source: source ip address or ip range. You can define IP as "Any", "Single IP" or "IP Range".
- For "Single IP", a single ip or subnet is allowed(for example: 192.168.1.10 or 192.168.1.0/24).
- For "IP Range", you need to input an ip range.
- Target, target ip or domain
- For "Single IP" and "IP Range", the synax is the same as "Source".
- For "Customize", you can select traffic by "application type", "web categories", "countries and regions" or "custom IP or domains".
- Ports: target ports to be applied.
Please notice: Rules are always processed from the top of a list down, first match wins. You may drag the re-order icon to re-order rules.
[edit] 4 WAN Failover
"WAN Failover" feature detects line availability, in case one line fails, interface load will be re-balanced.
- "WAN Failover" is disabled by default.
- If "reconnect" is enabled, WAN interfaces will be automatically restarted on failure.
- For "static ip" WAN interface, NGF will automatically ping WAN gateway to check.
- Use IP addresses for connection testing is recommended.