Multi-WAN introduction
- MESHdesk and APdesk now offer multi-WAN support.
- This allows you to ensure that your customers are always connected.
- The multi-WAN feature includes the following options- Support for a number of Ethernet ports that can be used as a WAN connection.
- Support for up to three radios that can be used for WAN over WiFi.
- Support for up to six LTE modems.
 
- You can use any combination of these connection types and customise them to your needs.
- We offer two modes:- Load balancing
- Failover
 
- In load balancing mode, the active and standby connections can in turn be grouped and weighted (to distribute traffic).
- Next, we will look at the Multi-WAN Profiles applet and finally see how easy it is to apply these profiles to devices.
Multi-WAN Profiles
- The Multi-WAN Profiles applet is located under the Other selection.
 |}}
|}}
Anatomy of a multi-WAN profile
- A functional multi-WAN profile consists of the following:- A name, which can be thought of as a kind of folder, under which the interfaces are grouped. There is also a site-wide option that makes the multi-WAN profile available for all clouds in RADIUSdesk.
- One or more interfaces that are used for WAN access.
 
Gentle reminders
- There are two gentle reminders with instructions on how to make the multi-WAN profile usable.
- The first reminds you that you need to add at least one interface.
 
- The second reminds you to apply a policy after you have added an interface to the Multi-WAN profile.
 
- Each Multi-WAN profile has an associated policy.
- Here you define the mode of the multi-WAN profile and the weighting of the individual interfaces as well as the role in the event of failover mode.
 
- Once you have applied the policy, the multi-WAN profile is ready for use.
- Next, we will look at the settings that are triggered when an interface is marked as down or up.
When to switch sides
- For each interface you define, there is a separate area where you can specify the conditions under which the respective interface is considered unavailable / offline.
- Here are some things to keep in mind when customising some values.- Active monitoring, where the hosts are pinged, is not mandatory
- If it is not enabled, the multi-WAN configuration will still monitor whether the interface itself is available or unavailable and act accordingly.
- Some of the more popular hosts used for ping testing may limit the number of responses or not respond at all.
- This can lead to a false trigger and also to the device being unreachable on the specific interface (e.g. for accessing the device via ssh or Luci).
 
 
Application of a multi-WAN profile
Applying a multi-WAN profile
- When you connect a device to a Mesh or Access Point profile, you have the option of selecting the type of Internet connection.
- If you select the Multi-WAN option, a further selection field is displayed in which you can select which Multi-WAN profile you want to apply.
- Remember that the Multi-WAN profile and the hardware must be compatible. For example, you cannot use a Multi-WAN profile with an LTE interface on hardware that is not LTE-capable.
 
Multi-WAN reporting
- Multi-WAN Internet connections are visually recognisable in the overviews of the mesh nodes and APs.
 
- In the following screenshot we have an access point with a multi-WAN profile in failover mode.- The WAN interface is active.
- The traffic allocation is 100%
- Two LTE interfaces are in the standby role.
- They are actively monitored and are therefore marked in blue as being in standby mode.
- The WiFi interface is not actively monitored but the interface itself is up.
 
 
- Next, we introduce a scenario that triggers a failover.
#We block ping packets from being sent on the host to which the access point is configured. #This will trigger a failover sudo iptables -A INPUT -s 197.64.14.100 -p icmp --icmp-type echo-request -j DROP #We remove the block #This leads to a fallback. sudo iptables -D INPUT -s 197.64.14.100 -p icmp --icmp-type echo-request -j DROP
- Failover triggered
 
- Ping block is removed and the active role connection is restored.
