EdgeRouter - WAN Load-Balancing


Overview


Readers will learn how the WAN load-balancing feature works in EdgeOS. This feature allows the router to intelligently load-balance outgoing traffic between multiple WAN interfaces.

NOTES & REQUIREMENTS:
Applicable to the latest EdgeOS firmware on all EdgeRouter models. Knowledge of the Command Line Interface (CLI) and basic networking knowledge is required. Please see the Related Articles below for more information and see the attachments for the configuration used in this article.
 
Equipment used in this article:

Table of Contents


  1. FAQ
  2. Manual Configuration Example
  3. Additional Configuration Options
  4. Related Articles

FAQ


Back to Top

1. What is the minimal firmware version that I need to run load-balancing?

The load-balancing feature was introduced in EdgeOS firmware version v1.4.0.

2. How many interfaces can I load-balance between?
You can load-balance between 8 interfaces using EdgeOS firmware version v1.8.0 and up. Firmware versions prior to v1.8.0 only allow load-balancing between 2 interfaces.

There are a few requirements for the load-balancing configuration:

  • A load-balance section that defines the interfaces, and optionally ping targets, timer intervals, route-test, etc.
  • A firewall modify ruleset that defines the match criteria.
  • At least one LAN interface that has the firewall modify ruleset applied in the ingress (in) direction.

Manual Configuration Example


It is recommended to use the wizard in the Web UI to automatically configure all of the different load-balancing options. The configuration below shows how to configure load-balancing manually using the eth0 and eth1 as the WAN interfaces and eth2 as the LAN interface.

configure

set firewall group network-group PRIVATE_NETS network 192.168.0.0/16
set firewall group network-group PRIVATE_NETS network 172.16.0.0/12
set firewall group network-group PRIVATE_NETS network 10.0.0.0/8

set firewall modify balance rule 10 action modify
set firewall modify balance rule 10 destination group network-group PRIVATE_NETS
set firewall modify balance rule 10 modify table main

set firewall modify balance rule 20 action modify
set firewall modify balance rule 20 destination group address-group ADDRv4_eth0
set firewall modify balance rule 20 modify table main

set firewall modify balance rule 30 action modify
set firewall modify balance rule 30 destination group address-group ADDRv4_eth1
set firewall modify balance rule 30 modify table main

set firewall modify balance rule 110 action modify
set firewall modify balance rule 110 modify lb-group G

set interfaces ethernet eth2 firewall in modify balance

set load-balance group G interface eth0
set load-balance group G interface eth1
set load-balance group G lb-local enable
set load-balance group G lb-local-metric-change disable

commit ; save
NOTE: The modify table main entries are there to prevent the local LAN traffic from being balanced across the two WAN interfaces.

Additional Configuration Options


Back to Top

For those that want to tweak the default values, there are several configuration options in the load-balance group G section :

  • weightBy default, the traffic will be balanced 50/50 across both WAN interfaces. Modify this value to influence the utilization.
  • failover-onlyBy default, both interfaces will be used for load-balancing. Modify this value to set one interface to fail over when the primary interface fails.
  • route-testBy default, the interface status will be verified by pinging the ubnt.com address. Modify this value to specify a different ping target or script.
  • stickyBy default, the EdgeRouter will stick to the 50/50 ratio and will balance the traffic accordingly. Modify this value to keep sessions with the same destination/source address and port or protocol on the same WAN interface.
NOTE: The route-test parameter will also allow modify the ping interval and the success/failure counts.
load-balance {
    group <name> {
        interface <name> {
            weight <number>
            failover-only
            route-test {
                type {
                    default
                    ping {
                        target <address>
                    }
                    script <name>
                }
                initial-delay <seconds>
                interval <seconds>
                count {
                    success <number>
                    failure <number>
                }
            }
        }
        sticky {
            dest-addr enable
            dest-port enable
            proto enable
            source-addr enable
            source-port enable
        }
    }
}

Related Articles


Back to Top

EdgeRouter - Which EdgeRouter Should I Use?

EdgeRouter - Beginners Guide to EdgeRouter

Intro to Networking - How to Establish a Connection Using SSH


We're sorry to hear that!