Hideki A. Ikeda (HidekiAI) [池田英紀] ["Tony" Ikeda] – BLog

This is my journal of setting up and troubleshooting RV082 Dual-WAN system. In this journal, I am using Firmware version : 1.3.2 (Nov 23 2005 21:04:24) as my settings.

Addendum: If you have upgraded to Firmware version 1.3.3.5 (August 9, 2006 00:40:14) (or later) and is looking for how-to’s for Bandwidth Management, there is a brief but reasonable tutorials at http://www.linksysinfo.org/forums/showthread.php?t=49330 which discusses how to setup QOS Rate Control. For me, I care more about general priorities than guaranteed bandwidth (min/max settings) for each services so I went with Priority settings and just told which services (i.e. HTTP and HTTPS for outgoing/upstream) should have highest priority.

Part 0 – Prerequisite

Backup your settings!  (System Management -> Settings Backup -> Export).

It’s trivial but we tend to forget to do this until it’s too late!  My suggestions is every small increment of changes, back it up with different filenames so you can revert back to it (Import).  Change the settings, test, and save…

Part 1 – Setup

Before you start, you must meet the requirements to setup Dual-WAN and also consider your goals of why you would like to have the Dual-WAN setup.

The requirements are:

• Two Wide Area Networks – Actually, if you are using RV082 as a router to route to clustered servers in internal network, it doesn’t have to be WAN, but for this journal, I am going to be using 1 static I.P. (WAN1 on cable MODEM) and 1 dynamic I.P. (WAN2 on ADSL MODEM) since most of us who has a SOHO are using RV082 for WAN purposes.
• No DMZ – Because WAN2 is also used as DMZ setup, you must sacrifice your DMZ for your 2nd WAN connection.
• Up/Down Bandwidth of ISP’s (Load Balance mode) – If you choose to setup your system for Load Balance mode, you would need to know the maximum upload and download bandwidth of each WAN settings.

Next, you must decide whether you would like to setup your RV082 for fault-tolerance via fail-over settings or load-balancing settings:

• Smart Link Backup – Smart Link is used if you want to have your RV082 switch from primary to secondary WAN connection when primary goes down. This is mostly useful for fail-over settings where you must have your WAN connected 24/7 and wish to switch back to primary when it comes back online.
• Load Balance – Monitors the inbound and outbound usage and attempts to balance the load algorithmically (Weighted Round-Robin) and by the way, for newer firmware v1.3.2 it handles both in and out bound (I read somewhere that it was only for load balancing in-bound back in 2005).

I’d imagine Smart Link Backup setup is more useful for internal system where you’d want to use the RV082 as a router to route from primary to secondary clustered servers when the main server goes down. Again for SOHO setup, I don’t see too much benefits of taking the Smart Link mode unless you need your in and outbound connection running 24/7. I have noticed that when I have the RV082 in either Smart Link or Load Balancing mode, as long as the MODEM is still turned on, it’ll try to send data to it (this is where the “Network Service Detection” mode comes in to play). Note that in Smart Link mode, when you want to select “Remote the Connection” when primary goes down so it’ll immediately fail-over to secondary. It should switch back to primary once primary starts being active (I guess that’s why it’s called “smart” link).

I’ve read somewhere that if you set your router in Round-Robin mode, it’ll have some issues on strict sites which expects single I.P. (such as secure online banking sites) to not work well. This may be the case and should be placed in your considerations. If your dual WAN is unbalanced, meaning one WAN has better bandwidth than another, it will always lean toward the wider bandwidth so you may not notice this. Sometimes, you can take this to your advantages, sometimes its disadvantageous. One way to always go round-robin is to lie to the setup and tell it that out-bound and/or in-bound are the same bandwidth. Or if you want the round-robin to be biased toward choosing one WAN out-bound over the other you can lie on the out-bound by setting the weight of that WAN with higher out-band bandwidth than it actually is. This is truly a hack, and as long as Linksys stays with the weighted round-robin model, it may work, if the model of load-balancing changes, you’ll have to seek other solutions.

Another suggestions for Smart Link would be that you’d have your secondary WAN setup as dial-up MODEM mode (which means that secondary would connect to a server box such as Linux or Windows with shared-connections) and when your primary goes down, it’ll temporarily switch over to the dial-up modem for outbound. I’ve used this method where outbound e-mail was critical method of communications of business. I guess if I had the dynaDNS for the dial-up MODEM box, I could possibly have handled inbound as well, if I had registered with the primary DNS of my domain name for both static and dynamic.

Don’t just read what I write here, study the HELP. One thing you will notice is that the options and HELP descriptions will change depending on the mode you choose. You will notice that when you switch to Load Balancing mode, you will get 2 new settings of “Bandwidth” and “Protocol Binding” which you won’t see if you have it set to Smart Linkup Backup mode. The help for Bandwidth and Protocol Binding as well won’t show up unless you’re on Load Balance settings.

I think of all the settings, once you understand the basics, only confusing part would be the Protocol Binding in Load Balance (Auto Mode). First, the snippet of what it says in the help descriptions:

Protocol Binding
RV082 supports the Protocol Binding functionality. It allows users to specify the internal IP or/and Service going through the specified WAN port.

Service: Users can choose the Service from the drop-down menu, or click the service management to add new Service. The default Service is SMTP. Source IP: Users can specify the internal IP to go through the specific WAN port. If users need the Service Binding only, users don’t need to fill in the Source IP, and the default of Source IP is zero.

Destination IP: Users can specify the specific Service from the internal Source IP to Destination IP go through the specific WAN port, and enter the Destination IP. If users need the Service Binding only, users don’t need to fill in the Destination IP, and the default of Destination IP is zero. If users need IP Binding only, please select All from the Service drop-down menu.

Interface: Choose WAN1 or WAN2.

Enable: Users can check the enable box to enable this Protocol Binding rule.

Click Add to list button to add the Protocol Binding rule to list, and users can set up to 30 rules, or click Delete selected application button to delete the selected rule.

After reading this, my first instincts were to select All from the Service drop-down menu to see what happens. The error you would get is:

When “All Traffic”, Source IP and Destination IP are configured as zero, all services will be directed to the specified WAN interface without going through other WAN ports. Please enter either Source IP or Destination IP.

You don’t need to do any of it, but there is one thing you must do due to currently unsolvable bug on the RV082 (or something, I’ve no clue). Make sure to only check the “Default Gateway” and leave the “ISP Host”, “Remote Host”, and “DNS Lookup Host” unchecked! If you check these on, you will get an error (at least I am).

Addendum (2008-03-02): If you are load-balancing between static I.P. and dynamic I.P. (for example, you have a static I.P. business account on your cable MODEM and DHCP based account on your ADSL), you might have guessed (or experienced) it but on most consumer accounts will filter certain ports (commonly port 80 and 25).  Not only because consumer accounts are discouraged (read your contract) to run servers but because of potential worms and SMTP-relay issues.

Now with that said, suppose you are hosting your own SMTP and Web server.  This is the case when you want to have the Protocol Binding in place.  You want to make sure you bind the ports 25 and 80 to your static I.P. address.  This will tremendously increase the performance of your network servers.  Without the binding, the router will attempt to load balance and potentially use the DHCP ISP, in which they filter your packets and your mail/SMTP and web/HTTP servers will wait and wait until it does the TCP timeout.

By assigning the port to specific WAN port, you will eliminate this issue and you’ll see your sluggish server come back to life.  I’ve experimented with Bandwidth Management and tried to reduce the chances of SMTP and HTTP upstream to “Low” for the DHCP I.S.P. (by setting it to “Low”, you have only 10% chance compared to “High” is 60%) but some of the routing still went towards the DHCP ISP.  My ISP for example will cause my ADSL MODEM to go into this weird state as if it has been reset every time RV082 routed port 25 and/or 80 to them.  So for me, I cannot even gamble on this 10% chance and rather, I’d made sure to do the “right way”.

Part 2 – Load Balancing Tweaks

In most cases, it should be transparent and trivial to setup load balancing setup on your RV082. It should automatically load balance based on the bandwidth you set in in and out bound for WAN1 and WAN2.

As the documentation mentions, the method chosen is Weighted Round-Robin, which basically will be biased toward choosing the WAN which has more bandwidth.

For example, if your WAN1 has inbound of 1024 and outbound of 384, while WAN2 has inbound of 3072 and outbound of 512, majority of your outbound (uploading) traffic will be biased toward WAN2.

If both of your WAN outbound bandwidth are the same but you’d like to have it biased toward one WAN over another, although it sounds hacky, you can take this characteristics to your advantage and purposely set your WAN outbound bandwidth a little bit higher than the other.

For example, both WAN1 and WAN2 has outbound bandwidth of 512 but WAN1 is static I.P. (associated to your domain name) and WAN2 is dynamic. Because WAN1 is static, all incoming requests for SMTP and HTTP are arriving from WAN1, meaning it will outbound that SMTP/HTTP request from WAN1. This means you’d want to keep the WAN1 as much as possible dedicated for your normal business purpose and have all your local clients use WAN2 as much as possible. You can normally setup the Protocol Binding and make all of the local I.P. to choose WAN2 for outbound but there is an annoyance problem involved in this…

The issue is that SourceIP is fixed to XX.YY.ZZ.aa where XX.YY.ZZ is based off the router IP. This is annoying when you have a DHCP with different local I.P. address. Meaning, if you have DHCP disabled on your RV082 because you run your own DHCP.

Possibly, you have a method where each VLAN to have different I.P. address, i.e. VLAN1 is all the servers and is 192.168.10.XX (and you also set your RV082) while VLAN2 is 192.168.11.XX, the SourceIP is fixed to what the RV082 is set as, so it’ll force you to only choose 192.168.10.XX as source.

NOTE: In regards to VLAN, one thing to remember is that UDP broadcast does not work between VLAN to VLAN. This can be an advantage if you don’t want any noise on all connection to VLAN2 to be SPAM’ed from VLAN1, but if you are not aware of this, you’d be wondering for hours trying to figure out why when you UDP broadcast, the other hosts/PC’s are not hearing it.

So what you can do is take advantages of the Weighted Round Robin Load Balancing and falsely set the outbound bandwidth for WAN2 to be bigger than WAN1. This will cause the RV082 to be biased toward WAN2 for any outbound traffics (i.e. your local users wants to video conference with outside parties, in which s/he just happens to contact the outside party, in this case, the local user will be bounded to WAN2, leaving WAN1 for normal business).

Part 3 – DNS Local Database

Although I don’t use the DHCP options in RV082, I take full advantage of the “DNS Local Database” in the DHCP page and so should you. You don’t have to enter all the name lookups, just the critical ones such as your local servers. I usually add the registered domain name and its static I.P. address in this table as well, especially if you have multiple domain names registered to same I.P. address. Tracert will only take a single hop…

Comments and/or questions can be left at here

Related posts

• Linksys RV082 Documented and Undocumented (hidden) pages (0)
• Use your O/S to Multi-Process (0)
• Linux Partition Size (0)
• Linksys RV082 Load-Balancing Page (0)
• Android: First Encounter (AT&T/Cingular) (0)