What's new

[beta] Dual WAN helper script (discontinued)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I mean may be somebody have find improvements in dual wan in FW 384.6 and tested it with helper and without?
Because after several testings, i still can not find what is the best solution to make stable dual wan on AC68U.
I have primary wan - DHCP from ISP. Secondary - Ethernet LAN 4 with fixed IP (really another router with LTE modem)
Yes, failover works, but failback - no.
Should I enable wan down redirect mode? Showuld i enable asus watchdog (ping to 8.8.8.8) or not, because helper has its own? With enabled asus watchdog router switches to pri wan even if it is not working.
 
@andrusha7778 - submit dual-wan BUGs to ASUS, otherwise they won't solve it

here is how to do that: https://www.snbforums.com/threads/beta-dual-wan-helper-script-v1-0-beta-3.40401/page-8#post-405912

ASUS Support wrote me:

On Tue, Jun 19, 2018 at 10:29 AM, servicecenter_emea@asus.com wrote:

Dear Mr. Burek,

the HQ told me that a new Beta FW is coming in two Months to fix many of the DUAL WAN Bugs.

two months are gone - 20th of August 2018, still nothing...

failover is not working correctly in many scenarios, failback is even worse, watchdog is useless and causing false alarms due to only one icmp target... there is so many things wrong with dual-wan I could write a book about it


https://www.asus.com/us/Networking/RTAC68U/HelpDesk_BIOS/

Version 3.0.0.4.384.21140 2018/07/10 42.89 MBytes

ASUS RT-AC68U Firmware version 3.0.0.4.384.21140
- [DDNS] Modified the procedure of DDNS service register under dual wan load balance mode
- [WAN] Modified detect logic of internet connection

@RMerlin - do you have any info regarding "Modified detect logic of internet connection" ?
 
Last edited:
@RMerlin - do you have any info regarding "Modified detect logic of internet connection" ?

No, no idea what change that was in the hundreds of line changes from previous release.
 
@thelonelycoder and @RMerlin - I am thinking about new approach to manage Dual WAN - Failover and Failback

if I setup router in Load Balancing mode

and define policy routing like this
192.168.1.1/25 subnet = 192.168.1.1 - 192.168.1.126 goes to WAN1
192.168.1.128/25 subnet = 192.168.1.129 - 192.168.1.254 goes to WAN2

what command should I use from command line interface, to change routing policy from WAN1 to WAN2, or vice versa: iptables, or something else?

that way I could create script to check my watchdog targets and after certain amount of failed packets has been reached, to switch WAN

I would create two virtual sub-interfaces on WAN1 and WAN2 so I can do ping tests using different WANs
ping -I eth1 8.8.8.8
ping -I eth2 8.8.8.8

it should work in theory, with some help from your side, we could actually use Load Balancing + scripts, as a workaround for non-working Asus Failover and Failback

what do you think?
 
I just got this code from ASUS Support per email

stop wanduck
Code:
nvram set wanduck_down=1
nvram commit
killall wanduck

if we could kill wanduck completely, does anybody know to to switch connection manually from WAN0 to WAN1 (Primary WAN to Secondary WAN)?
 
Right now I'm using 384.7_2 and it seems that improvements to dual wan have been made to this version since previous releases.
Right now switching between pri and sec wan are working (failback and failover), and timers are using. I'm using both dhcp ethernet connections for pri and sec wan.
 
please be careful when writing something like this, because I have tested 384.7_2 and it didn't brought any improvements

testing just by cable pull-out from Primary WAN or Secondary WAN is not correct way to test

in case of Internet outage, your ISP won't pull out cable from Primary or Secondary WAN
cable will remain connected but no traffic will flow...

are you using watchdog (ping) target?

root cause of all ASUS DualWAN problems is broken (very poor) Internet detection logic
DNS - NSLOOKUP - gives false results, even there is no WAN connection, NSLOOKUP provides results from DNS cache

if you are using WATCHDOG (ping) target, you can define only one target
if your target goes down (even one lost icmp packet) you will get reconnected
it is very very wrong to use only one watchdog target, because false positive results are rendering this unusable

if you compare ASUS DualWAN (wanduck) - Internet detection logic to script from Martineau, you will notice that Martineau's script is doing all possible tests if you like

ping (ICMP), curl (HTTP), even speedtest (for example if WAN1 is slower than 10Mbps, to switch to WAN2, you can define lowest speed you expect from your WAN interface)

https://www.snbforums.com/threads/n...reboot-if-internet-is-down.43819/#post-371791

I am really looking for reliable Internet failover detection for Small Business (SOHO), and only router capable of delivering that is at the moment Synology routers, Synology WAN failover works ridiculously good!

However I would like to have option to check HTTP (curl) and speedtest (sometimes Primary WAN goes to 1Mbps) due to unreliable ISP and in that case I want router to switch to Secondary WAN. When Primary WAN goes to almost halt, running at 1Mbps it is still enough for ICMP and/or HTTP (curl) tests, but small business is suffering, so doing speedtests from time-to-time helps to really get what you want.

If only ASUS would allow people like Merlin and Martineau do their magic without wanduck interrupting, ASUS and user community would profit from router that can really deliver reliable Internet connection.
 
Last edited:
root cause of all ASUS DualWAN problems is broken (very poor) Internet detection logic
DNS - NSLOOKUP - gives false results, even there is no WAN connection, NSLOOKUP provides results from DNS cache

There's a number of improvements coming from Asus. One of them is already present in the RT-AX88U firmware (the ability to chose between ping and nslookups as a detection mechanism), and I know further improvements were recently made to the mechanism itself.

If only ASUS would allow people like Merlin and Martineau do their magic without wanduck interrupting, ASUS and user community would profit from router that can really deliver reliable Internet connection.

Wanduck is completely open sourced so it can be modified. However the code is so complicated (and complete trash at times) that I no longer dare touching that code.
 
Wanduck is completely open sourced so it can be modified. However the code is so complicated (and complete trash at times) that I no longer dare touching that code.

exactly, such code should be commented in order to improve it, to be specific some parts of the code needs improvement
even though I am not C expert by any means, I have some basic understanding in reading code, and wanduck is just too complicated and without comments it is pretty much useless

@RMerlin - is wanduck code rewritten for AX88U, or did ASUS totally replaced wanduck by something else?

using ping (watchdog) with just one target, where just one dropped packet causes false alarm (and connection switch) is not the way to go, I have explained ASUS numerous times they need at least 2 targets, even I would prefer 3 watchdog targets to be sure there are no false alarms (unnecessary fail-overs)

still that doesn't resolve problem when connection works with lets say 128kbit/sec, ICMP will go trough, just as DNS lookup, but it will be pretty much unusable due to speed

so simple curl (http test) with expected speed could really help advanced users, avoid such situations
ASUS don't want to accept this idea, even though it makes sense

let's say you have "unlimited" LTE plan where first 5GB are available using full-speed, and afterwards speed is limited to 64kbit/sec, using simple curl (http) test, you could switch connection when it is too slow for your defined conditions
 
Last edited:
please be careful when writing something like this, because I have tested 384.7_2 and it didn't brought any improvements

testing just by cable pull-out from Primary WAN or Secondary WAN is not correct way to test

in case of Internet outage, your ISP won't pull out cable from Primary or Secondary WAN
cable will remain connected but no traffic will flow...

are you using watchdog (ping) target?
Hi!
I'm understand what i'm doing a little :)
My router connects to ISP through another switch, then to GPON device (pri wan). Secondary WAN is just another router with LTE modem (mikrotik).
When i want to simulate Pri wan down, i just disconnects GPON device from switch, so AC-68U didn't loose link, but default gateway of pri wan from ISP becomes unreachable. It switches to secondary wan correctly. When default gateway becomes reachable again during 4 pings on each 4 seconds, it switches back.
Yes, of course, this schematics has disadvantages - only one target, no speedtest, no URL check (for example DNS or ICMP working but if your ISP blocks you access to internet because of billing - then this will not work).
But on previous version of FW, even this simple schematics didnt work - when router trys to failback it became switching between pri and sec wan and vice versa.
 
@andrusha7778 - thank you for your explanation

I am using similar testing method, I disconnect COAX cabel from cable modem
cable modem is primary WAN on ASUS - cable modem is in bridge mode, feeding Public IP to Asus Primary WAN
Asus Secondary WAN is Huawei E3372 USB LTE (3G/4G) dongle, running normal serial modem mode (no Hi-Link router/NAT non-sense)

so I can have Public IP both on Primary WAN and Secondary WAN

if - when I disconnect COAX from cable modem, ASUS usually doesn't do failover, because it expects IP 0.0.0.0 on Primary WAN (confirmed by ASUS, WAN interface status is UP, UTP cable is connected from ASUS Primary WAN to Cable modem) however DHCP Lease is what it is, takes time for Public IP to expire

if - when I use watchdog target (icmp)

router sometimes (very often) gets into strange loop of switching WAN interfaces back and forth leaving me without ANY Internet access, even though both interfaces work fine after restart and manual testing

I have been sending LOGs to ASUS, so for the last 12 - 18 months, so all dualwan related changes you can "enjoy" probably have something to do with being persistent and not letting ASUS get rest with this, until they fix it

I keep re-opening tickets, addressing each dual-wan issue I have run into, explaining to ASUS support where is the root cause of the problem is, explaining how to do better Internet detection logic, having understanding that some ISPs are blocking "abusive ping use" continuous ICMP, so there you can switch to DNS Lookup, even though I would like to have confirmation in form of very simple curl (HTTP address field), where user could put there own http test destination

speedtest could be done in 15min intervals, it is probably enough to download 20MB test file from user-defined test location, in order to measure download rate, and do wan interface switch if necessary

I hope you can see benefit in this testing logic, and it would improve features on ASUS routers, giving them some competitive advantage over some competition, if they accept these ideas

if they would adopt Martineu's script with some minor ajustments, it would be a great step forward for ASUS

please if you have any feedback how to improve this even further, share your ideas
 
Last edited:
@RMerlin - is wanduck code rewritten for AX88U, or did ASUS totally replaced wanduck by something else?

No, wanduck is more or less the same, might be a few improvements for the AX88U since it's currently based on slightly newer code than other models, like the ability to monitor through either pings or name resolutions.

speedtest could be done in 15min intervals, it is probably enough to download 20MB test file from user-defined test location, in order to measure download rate, and do wan interface switch if necessary

That would be incredibly wasteful. You're suggesting downloading 1.9 GB of data each day just to check the state of your Internet connection.
 
I don't know any better way to switch WAN connections, when one comes under certain speed, if you have any better idea let me know.

having "speedtest" curl-http test running, should be optional for advanced users
 
I don't know any better way to switch WAN connections, when one comes under certain speed, if you have any better idea let me know.

Me too! :p

P.S. I think there was an old article about how much 'Speedtest by Ookla' uses during its 15 seconds? test...pretty sure the test I just did a few seconds ago downloaded approx. 250MB and uploaded approx. 35MB. :eek:
 
router sometimes (very often) gets into strange loop of switching WAN interfaces back and forth leaving me without ANY Internet access, even though both interfaces work fine after restart and manual testing
For me it was same on prevoius FW releases, router tries to switch to 2nd wan and loops to switch to pri wan and loops on that.
Using modem in bridge mode is not option for me, because PPP connection fails very very often with my celluar ISP. So i decided to use another router on eth4 for 2nd wan (huawei e3372h in hilink+mikrotik. AC68U didnt understand huawei in hilink).
 
The AB-Solution website will shut down at the end of this year, Diversion is the successor.
In preparation for this, the download section has been disabled as of December 23. With it is the ability to download the 'Dual WAN helper script'.
As with AB-Solution, this also means the EOL for the Dual WAN helper script.

It's been fun while it lasted, but for a while now my job keeps me very busy. I want to concentrate the free time I have to work on the two popular scripts amtm and Diversion.
I'm sure Asus will eventually come up with a Dual WAN solution that satisfies all, making my beta script obsolete.
 
Last edited:
The AB-Solution website will shut down at the end of this year, Diversion is the successor.
In preparation for this, the download section has been disabled as of December 23. With it is the ability to download the 'Dual WAN helper script'.
As with AB-Solution, this also means the EOL for the Dual WAN helper script.

It's been fun while it lasted, but for a while now my job keeps me very busy. I want to concentrate the free time I have to work on the two popular scripts amtm and Diversion.
I'm sure Asus will eventually come up with a Dual WAN solution that satisfies all, making my beta script obsolete.
Hi,

I was looking for dual-wan-helper_v1.0-beta3.zip and wan_connect_notification_v1.7.zip but I discovered that starting today files cannot be downloaded any more.
Could you please share them please using any other option?

Thank you for continuous hard work and Merry Christmas and a Happy New Year!
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top