Dual WAN, DDNS, Wireguard, self hosting issues...

Comments

10 comments

  • Avatar
    Firewalla

    When you are using Dual WAN, are you using load balancing or Primary/Standby? 

    0
    Comment actions Permalink
  • Avatar
    Putnamj

    I have it running in load balancing.  To keep a long story short, the ISP contracted out to the housing units here were tasked to solve a whole home wifi issue.  So, their fix was to drop a 100M fiber modem upstairs and a 100M fiber modem downstairs.  I won't complain since the 2x 100M lines are faster than my old 50M ADSL line.  

    I am setting it to 60/40 (in favor of ETH0), see if that changes anything.

    0
    Comment actions Permalink
  • Avatar
    Putnamj

    3 AM update, DDNS swapped to ETH1.

    0
    Comment actions Permalink
  • Avatar
    CCPK1

    I'm seeing similar issues with my load balanced WAN.  Here is what I've done so far:

    1. Feature Request - Limit Wireguard VPN to specific WAN link – Firewalla (Vote up if this would help you)

    2. Feature Request: Dedicated DDNS for Multi-WAN – Firewalla (Vote up if this would help you)

    On the second, there are some example scripts and docker ideas that might allow you to keep you own DDNS updated with the correct link. 

    I have a few ideas about manually configuring wireguard to use my DDNS and just manually setup the forwarding on that individual WAN interface, but haven't gotten around to trying it yet.

    1
    Comment actions Permalink
  • Avatar
    Support Team

    Thanks for the feedback. We have an upcoming feature in 1.974 to support both 1 and 2 above.

    1
    Comment actions Permalink
  • Avatar
    Putnamj

    CCPK1, 

    Thanks for linking those two feature request, they will definitely get an upvote from me.  As for the other ideas, I am currently running a docker container to keep my domain updated.  

     

    0
    Comment actions Permalink
  • Avatar
    Putnamj

    I might have found a fix…. I set a route for the firewalla.org domain, for all LAN devices, interface Ethernet0. The DDNS record has been from modem one for the last couple of days.

    0
    Comment actions Permalink
  • Avatar
    Putnamj

    Latest update, that seemed to work for me. My record for the last couple of days has been based off of the primary WAN public IP (Ethernet 0).

    0
    Comment actions Permalink
  • Avatar
    CCPK1

    Thanks for providing the follow up.  I'm curious... if your Ethernet0 gets disconnected, of course your VPN won't work, but are you still able do administration of your Firewalla with that route in place?  Thanks

    0
    Comment actions Permalink
  • Avatar
    Putnamj

    Well reporting back that it didn’t end up solving the issue.  This morning when I couldn’t connect via WireGuard I saw that the IP reverted back to the second modem.  For the last couple days I guess my timing was super lucky when checking the built in DDNS…. 

    0
    Comment actions Permalink

Please sign in to leave a comment.