What's new

WANFailover Dual WAN Failover Script

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

doesnt work

doesnt work
if i switch to wan1, 192.168.254.254 in a browser takes me straight to the dsl modem url

Code:
estination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         100.64.0.1      0.0.0.0         UG    0      0        0 eth0
1.1.1.1         100.64.0.1      255.255.255.255 UGH   1      0        0 eth0
8.8.4.4         192.168.10.1    255.255.255.255 UGH   0      0        0 eth5
8.8.8.8         100.64.0.1      255.255.255.255 UGH   1      0        0 eth0
34.120.255.244  *               255.255.255.255 UH    0      0        0 eth0
100.64.0.0      *               255.192.0.0     U     0      0        0 eth0
100.64.0.1      *               255.255.255.255 UH    0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
192.168.10.0    *               255.255.255.0   U     0      0        0 eth5
192.168.50.0    *               255.255.255.0   U     0      0        0 br0
192.168.100.1   *               255.255.255.255 UH    0      0        0 eth0
192.168.254.254 *               255.255.255.255 UH    0      0        0 eth5
239.0.0.0       *               255.0.0.0       U     0      0        0 br0
I actually do this same thing on my network, I have a route for the modem status page for WAN1 created so I can always view it. It’s not in the same subnet as the other gateway device is it? I even have it NAT’d to a port so I access it from the router’s IP.
 
I actually do this same thing on my network, I have a route for the modem status page for WAN1 created so I can always view it. It’s not in the same subnet as the other gateway device is it? I even have it NAT’d to a port so I access it from the router’s IP.
wan0 is 192.168.50.X
Wan1 is 192.168.10.X
Wan1s dsl modem wants 192.168.254.254 to access the gui. When i do look at the dsl modem network page, it shows 192.168.254.254 as the gateway?
 
Can you send me updated logs when it is not working after changing the IP
Please find below the logs with 9.9.9.9 while wan0 stuck in Hot-Standby.
Please notice that ONT activated (after power off while internet failed-over to Secondary using script Version: v1.4.6) at line [WAN0 Failback Monitor].
Thank you!
Code:
Jun 20 21:45:19 src@B88X wan-failover.sh: WAN Status - wan0 enabled
Jun 20 21:45:19 src@B88X wan-failover.sh: WAN Status - wan0 is disconnected.  IP Address: 0.0.0.0 Gateway: 0.0.0.0
Jun 20 21:45:19 src@B88X wan-failover.sh: WAN Status - wan1 enabled
Jun 20 21:45:19 src@B88X wan-failover.sh: WAN Status - Route already exists for 1.1.1.1 via 192.168.7.1 dev eth8
Jun 20 21:45:21 src@B88X wan-failover.sh: WAN Status - wan1 has 0% packet loss
Jun 20 21:45:21 src@B88X wan-failover.sh: WAN1 Active - Verifying WAN1
Jun 20 21:45:21 src@B88X wan-failover.sh: WAN0 Failback Monitor - Monitoring WAN0 via 9.9.9.9 for Failback
Jun 20 21:45:21 src@B88X wan-failover.sh: WAN Status - wan0 enabled
Jun 20 21:45:22 src@B88X wan-failover.sh: WAN Status - Creating route 9.9.9.9 via 10.0.0.1 dev eth0
Jun 20 21:46:00 src@B88X wan-failover.sh: WAN Status - wan0 enabled
Jun 20 21:46:00 src@B88X wan-failover.sh: WAN Status - Creating route 9.9.9.9 via 10.0.0.1 dev eth0
Jun 20 21:47:00 src@B88X wan-failover.sh: WAN Status - wan0 enabled
Jun 20 21:47:00 src@B88X wan-failover.sh: WAN Status - Creating route 9.9.9.9 via 10.0.0.1 dev eth0
Jun 20 21:48:00 src@B88X wan-failover.sh: WAN Status - wan0 enabled
Jun 20 21:48:00 src@B88X wan-failover.sh: WAN Status - Creating route 9.9.9.9 via 10.0.0.1 dev eth0
Jun 20 21:49:00 src@B88X wan-failover.sh: WAN Status - wan0 enabled
Jun 20 21:49:00 src@B88X wan-failover.sh: WAN Status - Creating route 9.9.9.9 via 10.0.0.1 dev eth0
Jun 20 21:50:00 src@B88X wan-failover.sh: WAN Status - wan0 enabled
Jun 20 21:50:00 src@B88X wan-failover.sh: WAN Status - Creating route 9.9.9.9 via 10.0.0.1 dev eth0
 
wan0 is 192.168.50.X
Wan1 is 192.168.10.X
Wan1s dsl modem wants 192.168.254.254 to access the gui. When i do look at the dsl modem network page, it shows 192.168.254.254 as the gateway?
That's because it is a Gateway and your Router is also acting as a Gateway (Double NAT). You may need to also create a NAT Masquerade rule to make it work in your POSTROUTING Table?
Something like this:
Code:
iptables -t nat -A POSTROUTING -o eth5 -d 192.168.254.254 -j MASQUERADE
 
Please find below the logs with 9.9.9.9 while wan0 stuck in Hot-Standby.
Please notice that ONT activated (after power off while internet failed-over to Secondary using script Version: v1.4.6) at line [WAN0 Failback Monitor].
Thank you!
Code:
Jun 20 21:45:19 src@B88X wan-failover.sh: WAN Status - wan0 enabled
Jun 20 21:45:19 src@B88X wan-failover.sh: WAN Status - wan0 is disconnected.  IP Address: 0.0.0.0 Gateway: 0.0.0.0
Jun 20 21:45:19 src@B88X wan-failover.sh: WAN Status - wan1 enabled
Jun 20 21:45:19 src@B88X wan-failover.sh: WAN Status - Route already exists for 1.1.1.1 via 192.168.7.1 dev eth8
Jun 20 21:45:21 src@B88X wan-failover.sh: WAN Status - wan1 has 0% packet loss
Jun 20 21:45:21 src@B88X wan-failover.sh: WAN1 Active - Verifying WAN1
Jun 20 21:45:21 src@B88X wan-failover.sh: WAN0 Failback Monitor - Monitoring WAN0 via 9.9.9.9 for Failback
Jun 20 21:45:21 src@B88X wan-failover.sh: WAN Status - wan0 enabled
Jun 20 21:45:22 src@B88X wan-failover.sh: WAN Status - Creating route 9.9.9.9 via 10.0.0.1 dev eth0
Jun 20 21:46:00 src@B88X wan-failover.sh: WAN Status - wan0 enabled
Jun 20 21:46:00 src@B88X wan-failover.sh: WAN Status - Creating route 9.9.9.9 via 10.0.0.1 dev eth0
Jun 20 21:47:00 src@B88X wan-failover.sh: WAN Status - wan0 enabled
Jun 20 21:47:00 src@B88X wan-failover.sh: WAN Status - Creating route 9.9.9.9 via 10.0.0.1 dev eth0
Jun 20 21:48:00 src@B88X wan-failover.sh: WAN Status - wan0 enabled
Jun 20 21:48:00 src@B88X wan-failover.sh: WAN Status - Creating route 9.9.9.9 via 10.0.0.1 dev eth0
Jun 20 21:49:00 src@B88X wan-failover.sh: WAN Status - wan0 enabled
Jun 20 21:49:00 src@B88X wan-failover.sh: WAN Status - Creating route 9.9.9.9 via 10.0.0.1 dev eth0
Jun 20 21:50:00 src@B88X wan-failover.sh: WAN Status - wan0 enabled
Jun 20 21:50:00 src@B88X wan-failover.sh: WAN Status - Creating route 9.9.9.9 via 10.0.0.1 dev eth0
I see the problem now, it's trying to create the route to dev eth0 when it should be ppp0 which means
Code:
nvram get wan0_ifname
is coming back as eth0.
Can you confirm that and also send me the command output of this:
Code:
nvram show | grep ppp0
 
I see the problem now, it's trying to create the route to dev eth0 when it should be ppp0 which means
Code:
nvram get wan0_ifname
is coming back as eth0.
Can you confirm that and also send me the command output of this:
Code:
nvram show | grep ppp0
Yes, thank you.
Code:
/tmp/home/root#:nvram show | grep ppp0
wan0_gw_ifname=ppp0
wan0_pppoe_ifname=ppp0

/tmp/home/root#:nvram get wan0_ifname
eth0

Later edit:
I did nvram get while on wan0 connected (not like I did all the tests: when stuck on wan1)
 
Yes, thank you.
Code:
/tmp/home/root#:nvram show | grep ppp0
wan0_gw_ifname=ppp0
wan0_pppoe_ifname=ppp0

/tmp/home/root#:nvram get wan0_ifname
eth0

Later edit:
I did nvram get while on wan0 connected (not like I did all the tests: when stuck on wan1)

That’s fine, it’s not changing either way based on logs so I see the situation and will have to make an update to resolve it so standby for an update later this week.
 
This morning I noticed something odd. There were two cron jobs for the wan-failover script. I edited the cron tab to remove the extra one. I rebooted the router, waited about 5 minutes, checked and there again was two cron jobs for the script. I rebooted 3 more times and checked the cron jobs and still only two, so at least it doesn’t appear to be continuing to add more cron jobs, just the two.
 
This morning I noticed something odd. There were two cron jobs for the wan-failover script. I edited the cron tab to remove the extra one. I rebooted the router, waited about 5 minutes, checked and there again was two cron jobs for the script. I rebooted 3 more times and checked the cron jobs and still only two, so at least it doesn’t appear to be continuing to add more cron jobs, just the two.
Send the output of them both, do you have it added to another startup script besides wan-event? The one created by the cron function will create it like this. If something else is creating the cron job with a different name but referencing the same script it will create it but the one from the script will check if it exists, create it if not and exit if it does based on the matching name.
Code:
cru a setup_wan_failover_run "*/1 * * * *" /jffs/scripts/wan-failover.sh run
Code:
*/1 * * * * /jffs/scripts/wan-failover.sh run #setup_wan_failover_run#
 
Last edited:
v1.4.9-beta Release:
Manually upgrade to this beta by running the following command" ***Allow for cronjob to relaunch the script***
Code:
/usr/sbin/curl -s "https://raw.githubusercontent.com/Ranger802004/asusmerlin/main/wan-failover_v1.4.9-beta.sh" -o "/jffs/scripts/wan-failover.sh" && chmod 755 /jffs/scripts/wan-failover.sh && sh /jffs/scripts/wan-failover.sh kill

To revert back to Production Release:
Code:
/jffs/scripts/wan-failover.sh update

Release Notes:
v1.4.9-beta
- Added delay in WAN Status for when NVRAM is inaccessible.
- Added support for Load Balance Mode
- Changed from using NVRAM Variables: wan0_ifname & wan1_ifname to using NVRAM Variables: wan0_gw_ifname & wan1_gw_ifname.
 
Send the output of them both, do you have it added to another startup script besides wan-event? The one created by the cron function will create it like this. If something else is creating the cron job with a different name but referencing the same script it will create it but the one from the script will check if it exists, create it if not and exit if it does based on the matching name.
Code:
cru a setup_wan_failover_run "*/1 * * * *" /jffs/scripts/wan-failover.sh run
Code:
*/1 * * * * /jffs/scripts/wan-failover.sh run #setup_wan_failover_run#

I figured it out. It was a brain fart on my end. I had copied the wan-failover.sh to wan-failover.sh.bak early on to keep a known good copy of the script. In my haste, I forgot to remove the ability of this copy to actually execute so…. when rebooting I guess it was also picked up and ran along with the actual script. Doh ! Sorry about that.

Now, it runs as expected. :)

BTW, what do the NVRAM changes in the latest beta improve?
 
I figured it out. It was a brain fart on my end. I had copied the wan-failover.sh to wan-failover.sh.bak early on to keep a known good copy of the script. In my haste, I forgot to remove the ability of this copy to actually execute so…. when rebooting I guess it was also picked up and ran along with the actual script. Doh ! Sorry about that.

Now, it runs as expected. :)

BTW, what do the NVRAM changes in the latest beta improve?
Well the one helps RT-86Us with their issue but I have limited feedback on that so not sure if it is 100% but i did get feedback it keeps the RT-86U from hanging. The other change is because in some cases (like using PPPoE) the interface and gateway interface are different but the route will always need to be created using what the gateway interface is so for most users nothing really changes much.
 
How much feedback have you gotten on Load Balancing operation with the Beta? I am tempted to try it, maybe in the morning when my wife is not on the ‘net. :)

I will admit that the Firewalla Gold will spoil you as it does all this seamlessly and it’s very easy to setup up. I just have this personal phobia about relying on them to stay in business to maintain functionality. It’s the same issue I had with the eero products, but at least they are backed by Amazon.
 
How much feedback have you gotten on Load Balancing operation with the Beta? I am tempted to try it, maybe in the morning when my wife is not on the ‘net. :)

I will admit that the Firewalla Gold will spoil you as it does all this seamlessly and it’s very easy to setup up. I just have this personal phobia about relying on them to stay in business to maintain functionality. It’s the same issue I had with the eero products.

Just a little, it works as expected. It deletes routes of the interface(s) that are down and adds them back when it is back online. Not a huge fan of the load balancing implementation by ASUS for 1. It's a basic algorithm based on the LB Ratio you set. 2. You have to disable AIProtection to use it. 3. You can't really use QoS with it optimally. Personally Failover Mode is better for my situation, I have a 1Gbps Up/Down Fiber connection as my Primary and 100Mbps/5Mbps as my Secondary WAN.

EDIT:
I tested Load Balancing Mode on my own set up and verified it worked as intended but as usual with these things (especially new features), something will always show up as a bug...lol.
 
I don’t run AiProtection or any QoS but as you stated, I really do not see a benefit of running it for my situation.

BTW, have I told you I love this script? It has allowed my to really simplify my setup.
 
I don’t run AiProtection or any QoS but as you stated, I really do not see a benefit of running it for my situation.

BTW, have I told you I love this script? It has allowed my to really simplify my setup.
Less is more sometimes and I'm glad it is valuable to you, hopefully the rest of the disappointed crowd with ASUS Failover find their way here to my solution, lol.

EDIT: I use AIProtection because I do Cyber Security Engineering as a Federal Contractor from home and I will say the AIProtection has "proven" itself as worth being enabled to be honest, can't elaborate on why but just saying it has worked well for me.
 
v1.4.9-beta Release:
Manually upgrade to this beta by running the following command" ***Allow for cronjob to relaunch the script***
Code:
/usr/sbin/curl -s "https://raw.githubusercontent.com/Ranger802004/asusmerlin/main/wan-failover_v1.4.9-beta.sh" -o "/jffs/scripts/wan-failover.sh" && chmod 755 /jffs/scripts/wan-failover.sh && sh /jffs/scripts/wan-failover.sh kill

To revert back to Production Release:
Code:
/jffs/scripts/wan-failover.sh update

Release Notes:
v1.4.9-beta
- Added delay in WAN Status for when NVRAM is inaccessible.
- Added support for Load Balance Mode
- Changed from using NVRAM Variables: wan0_ifname & wan1_ifname to using NVRAM Variables: wan0_gw_ifname & wan1_gw_ifname.
I have good news for us: PPPoE issue is solved. Big thank you Ranger802004!
wan1 (USB) is failback OK to wan0 (PPPoE) and is connected without checking box in Asus GUI, only using v1.4.9-beta Release.

So this version is working as failover and failback with PPPoE and USB dongle
Maybe because is so complex is not working by itself.
 
I have good news for us: PPPoE issue is solved. Big thank you Ranger802004!
wan1 (USB) is failback OK to wan0 (PPPoE) and is connected without checking box in Asus GUI, only using v1.4.9-beta Release.

So this version is working as failover and failback with PPPoE and USB dongle
Maybe because is so complex is not working by itself.
Thank you for the assistance of providing data to resolve this issue and I’m glad we were able resolve it. Thank you for the donation as well!
 
v1.5.0-beta Release:
Manually upgrade to this beta by running the following command" ***Allow for cronjob to relaunch the script***
Code:
/usr/sbin/curl -s "https://raw.githubusercontent.com/Ranger802004/asusmerlin/main/wan-failover_v1.5.0-beta.sh" -o "/jffs/scripts/wan-failover.sh" && chmod 755 /jffs/scripts/wan-failover.sh && sh /jffs/scripts/wan-failover.sh kill

To revert back to Production Release:
Code:
/jffs/scripts/wan-failover.sh update

Release Notes:
v1.5.0-beta
- Added delay in WAN Status for when NVRAM is inaccessible.
- Added support for Load Balance Mode
- Changed from using NVRAM Variables: wan0_ifname & wan1_ifname to using NVRAM Variables: wan0_gw_ifname & wan1_gw_ifname.
- Improved DNS Settings detection during Switch WAN function.
- Improved Switch WAN Logic to verify NVRAM Variables: wan_gateway, wan_gw_ifname, and wan_ipaddr are properly updated.
- Added warning message when attempting to execute Run or Manual Mode if the script is already running.
- IP Routes are now given a value of metric 1 when created during WAN Status checks.
 
Hello. Version: v1.4.6 . The problem is that after restarting the router, the connection is always on the secondary wan, and the primary wan is in constant hot-stanbay and does not switch to connected. It is solved simply by disconnecting the secondary wan cable and connecting it back. What could be the problem?
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top