routeprotocol.com

Load Balancing and Redundancy on the Ubiquiti Edgerouter

The Ubiquiti Edgerouter offers the capability to load balance trafffic among different WAN interfaces. This can improve redundancy and overall thoroughput on your home or small business connection.

To get started you’ll need two WAN connections, ideally similar in capability, you can configure weighting to prefer one connection over the other. If your looking to simply have an automatic backup connection you can also configure one of the load balanced connections to only active as a fail-over.

In this example I am using an Edgerouter 3 Lite, running version v1.10.8 and two VDSL/FTTC connections.

Set up your individual WANs on each interface as you normally would, including the PPPoE interfaces under each physical interface:

ethernet eth0 {
 description VDSL 1
 duplex auto
 mtu 1500
 pppoe 0 {
  default-route auto
  mtu 1492
  name-server auto
  password xxxx
  user-id username@connectionone
 }
speed auto
}

ethernet eth2 {
 description VDSL 2
 duplex auto
 mtu 1500
 pppoe 1 {
  default-route auto
  mtu 1492
  name-server auto
  password xxxx
  user-id username@connectiontwo
 }
 speed auto
}

Next configure static routing for each. I do not get static IP addresses for each of my services to I need to use a static interface-route

protocols {
     static {
         interface-route 0.0.0.0/0 {
             next-hop-interface pppoe0 {
             }
             next-hop-interface pppoe1 {
                 distance 200
             }
          }
      }
}

Remeber to also create your NAT rules for both interfaces pppoe0 and pppoe1

If succesfull, you should now have two pppoe interfaces up and running:

x@edgerouter:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface    IP Address                        S/L  Description
---------    ----------                        ---  -----------
eth0         -                                 u/u  VDSL
eth2         -                                 u/u  VDSL2
lo           127.0.0.1/8                       u/u
             ::1/128
pppoe0       x.x.x.1                     u/u
pppoe1       x.x.x.2                   u/u

The next step is to create the load balancing

set load-balance group LB1 interface pppoe0 route-test initial-delay 60
set load-balance group LB1 interface pppoe0 route-test interval 10
set load-balance group LB1 interface pppoe0 route-test type ping target 8.8.4.4
set load-balance group LB1 interface pppoe1 route-test initial-delay 60
set load-balance group LB1 interface pppoe1 route-test interval 10
set load-balance group LB1 interface pppoe1 route-test type ping target 8.8.8.8
set load-balance group LB1 lb-local enable
set load-balance group LB1 lb-local-metric-change disable
set load-balance group LB1 sticky

The commands above create the group and add both of our PPPoE interfaces to the group.

It also creates test methods to ensure that both connections are online by occasionly pinging 8.8.8.8 and 8.8.4.4. If the destinations can’t be reached the load balance member will be removed from the group.

Next up we create our firewall rules to determine which traffic gets load balanced:

set firewall group network-group lan-subnets network 192.168.0.0/16
set firewall group network-group lan-subnets network 172.16.0.0/12
set firewall group network-group lan-subnets network 10.0.0.0/8

set firewall modify LBRules rule 10 action modify
set firewall modify LBRules rule 10 destination group network-group lan-subnets
set firewall modify LBRules rule 10 modify table main

set firewall modify LBRules rule 20 action modify
set firewall modify LBRules rule 20 destination group address-group ADDRv4_eth0
set firewall modify LBRules rule 20 modify table main

set firewall modify LBRules rule 30 action modify
set firewall modify LBRules rule 30 destination group address-group ADDRv4_eth1
set firewall modify LBRules rule 30 modify table main

set firewall modify LBRules rule 110 action modify
set firewall modify LBRules rule 110 modify lb-group LB1

The first set of 3 rules defines the LAN subnets that we don’t need to balance across our WAN load balancers. These are all internal traffic so there is no need for it to be sent to our load balancing group.

Rule 10 and Rule 20 prevent the WAN IP’s being load balanced. Rule 110 is the end/process everything else rule that sends traffic to the load balancers.

Now that we have our load balancer set up. We need to apply it to incoming traffic on our LAN interface

set interfaces ethernet eth1 firewall in modify LBRules

Commit and your changes and that is it! You can verify the load balancer is working by running show load-balance status

x@edgerouter:~$ show load-balance status
Group LB1
  interface   : pppoe0
  carrier     : up
  status      : active
  gateway     : pppoe0
  route table : 201
  weight      : 50%
  flows
      WAN Out : 1141
      WAN In  : 3
    Local Out : 2
interface   : pppoe1

  carrier     : up

  status      : active

  gateway     : pppoe1

  route table : 202

  weight      : 50%

  flows

      WAN Out : 1123

      WAN In  : 0

    Local Out : 3

Posted

in

,

by

routeprotocol

Tags:

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.