Hi
I have two up links connected to by MX. Load balancing working. Can some explain why sometimes I am unable to get to the up link device which is not my primary WAN. The device on WAN2 has an IP address which is a different range of IP addressing than I am using around the normal network.
Sometimes I get to is, web service type portal, sometimes I do not get to it.
Kind regards
John
Solved! Go to solution.
Yes your situation is exactly what I meant.
No worries.
So the problem right now is that you are load-balancing. So if you're lucky your packet is NAT'ed towards the IP of WAN2 and sent outbound that way. So for as long that flow exists the page will be reachable.
However another time it's possible you get routed out the WAN1 port.
The MX will not take into account the IP subnet located at WAN ports when NAT'ing your packet. So normal routing will not work. Yeah I know, weird right.
So you have to actually configure the MX for IP traffic going to the 192.168.1.0/24 subnet use WAN 2 uplink.
So in Dashboard go to Security & SD WAN -> SD-WAN & Traffic shaping -> Uplink selection and add an internet flow preference. It should be obvious from there on.
You should use uplink preferences for this.
However you can only match using L3 and L4 information. Not the richer set the SD-WAN functionality has.
So to reach a certain subnet that is at a WAN interface of your MX you need to specify the uplink preference in the traffic-shaping configuration.
Beware: pingtests will not verify your configuration because for some reason icmp doesn't ever want to follow your preferences although you can actually set icmp as matching parameter...
Hi
not sure i am with you on the reply. Sorry.
My normal Lan is 10,0,100,0 the uplink device for WAN 2 has an ip of 192.168.1.1, in the browser if I type 192.168.1.1 at times I get the home page of the router device, sometimes i get site not reached.
Kind regards
John
Yes your situation is exactly what I meant.
No worries.
So the problem right now is that you are load-balancing. So if you're lucky your packet is NAT'ed towards the IP of WAN2 and sent outbound that way. So for as long that flow exists the page will be reachable.
However another time it's possible you get routed out the WAN1 port.
The MX will not take into account the IP subnet located at WAN ports when NAT'ing your packet. So normal routing will not work. Yeah I know, weird right.
So you have to actually configure the MX for IP traffic going to the 192.168.1.0/24 subnet use WAN 2 uplink.
So in Dashboard go to Security & SD WAN -> SD-WAN & Traffic shaping -> Uplink selection and add an internet flow preference. It should be obvious from there on.
Got it now. Many thanks