Help with Setting Up WAN Failover

[byalexandr]

Hey all,

 

I decided to add a second ISP to my home network for WAN failover, and got a TP Link FR365 router to do so. Just for reference, I have AT&T Fiber (1Gbps) with a BGW-210 gateway as the primary WAN (WAN2 on the TP Link router), and Verizon 5G home internet (300Mbps) with an ARC-XCI55AX gateway as the secondary WAN (WAN/LAN3 on the TP Link router). I would like the TP Link router to, by default, use the AT&T ISP (WAN2) which has historically been unreliable, and when that drops connection it fails over to the Verizon ISP (WAN3).

 

I put both ISP gateways in passthrough mode, but in the TP Link router settings, it is showing a local network IP address (192.168.1.xx) for each WAN port and not the public IP address being passed through from each ISP gateway. The connection 'works', but it is just as though the TP Link router is a 'middle man' between the primary WAN (AT&T gateway), as when I unplug the ONT from the AT&T gateway the WAN failover does not occur.

 

I have no idea what changes I need to make to the devices' IP addresses and DHCP server settings. I was able to add the TP Link device to the Festa cloud based network management, where I set up the WAN failover and load balancing, but it is showing the device as offline in the Festa app so it is not propagating my balancing/failover settings.

 

Any help would be much appreciated, particularly what I need to do as far as DHCP settings on each device, what to set the device static IP addresses to, etc.

[byalexandr]

I turned off DHCP on both (the AT&T router I had to disable it manually, but the Verizon router turned it off automatically once I turned on IP passthrough). However I am still just on the AT&T router network, my TP Link router is just a 'middle man'. The DHCP server on the TP Link router is on a different subnet (192.168.0.x) than the ISP routers (192.168.1.x) but I'm not sure if that's an issue or not.

 

I still have Internet access when connected to the TP Link router, and can access both admin interfaces at their respective static IPs, but I cannot ping the public IP address of either ISP router.

[byalexandr]

11 hours ago, byalexandr said:

I turned off DHCP on both (the AT&T router I had to disable it manually, but the Verizon router turned it off automatically once I turned on IP passthrough). However I am still just on the AT&T router network, my TP Link router is just a 'middle man'. The DHCP server on the TP Link router is on a different subnet (192.168.0.x) than the ISP routers (192.168.1.x) but I'm not sure if that's an issue or not.

 

I still have Internet access when connected to the TP Link router, and can access both admin interfaces at their respective static IPs, but I cannot ping the public IP address of either ISP router.

Well after some more configuring it looks like the TP Link router (Festa FR365) has sh*t the bed. It stopped broadcasting WiFi outright and doesn't connect to LAN, even after restarting it multiple times and hard resetting it.

 

I am going to return the router to Amazon; are there any recommendations for a good dual/multi WAN port router, preferably with NO cloud based controller (I really hate the Festa controller after attempting to use it) and with dual band (2.4 and 5GHz) WLAN? The WLAN is not 100% necessary as I can set up an AP but is preferable. I am looking at MikroTik routers as they feature ISP bonding (which is pretty much unavailable on any consumer grade/priced devices) which to me is a huge plus. Although most of their devices only have Gigabit Ethernet which would be the bottleneck anyways if I were to have an aggregate 1.3Gbps throughput.

[Donut417]

8 hours ago, byalexandr said:

am going to return the router to Amazon; are there any recommendations for a good dual/multi WAN port router,

I have a synology RT 2600AC they do have a WiFi 6 version now. The SRM software the router uses is good. While mine does support Dual WAN and 4g LTE via the USB port, I have not tested the feature. But the software was easy to setup. 

 

https://www.synology.com/en-us/products/RT6600ax#specs this is the newer WiFi 6 version. 

[byalexandr]

1 hour ago, Donut417 said:

I have a synology RT 2600AC they do have a WiFi 6 version now. The SRM software the router uses is good. While mine does support Dual WAN and 4g LTE via the USB port, I have not tested the feature. But the software was easy to setup. 

 

https://www.synology.com/en-us/products/RT6600ax#specs this is the newer WiFi 6 version. 

I ended up buying a Cisco RV340 along with a Ubiquiti U6+ and a PoE+ injector for it. Should all arrive tomorrow and from the documentation it seems pretty simple to set up.

 

I am still sort of lost on the IP address assignments and DHCP server. I understand now that only the router connecting both ISP gateways should have DHCP turned on, but I don't know if each ISP router should be on a different subnet or if it matters. I am going to leave the AT&T gateway on the 192.168.1.x subnet, but I am thinking of changing the static IP on the Verizon gateway to the 192.168.2.x subnet (currently it is still on 192.168.1.x subnet like the AT&T gateway, just a different default gateway IP) and then my DHCP server and subsequently all the devices on the network would be on the 192.168.0.x subnet.

 

Passthrough mode on the AT&T BGW-210 seems to produce some very odd behavior, like it's not actually in passthrough mode. I can turn off DHCP and put it in passthrough mode but it will still assign out IP addresses as though it is still turned on (and on the same subnet, not on a fallback IP). Perhaps it was just because the lease hadn't expired yet but I'm not sure. The Verizon gateway was pretty simple and turned off WiFi and IP assignment automatically when I turned on passthrough mode.

[Donut417]

42 minutes ago, byalexandr said:

Passthrough mode on the AT&T BGW-210 seems to produce some very odd behavior, like it's not actually in passthrough mode.

Their pass thru mode is shit from what I have read. Thats why some people have figured out roundabout ways of by passing the gateway. It's a pain the ass from what I have read. 

[byalexandr]

43 minutes ago, Donut417 said:

Their pass thru mode is shit from what I have read. Thats why some people have figured out roundabout ways of by passing the gateway. It's a pain the ass from what I have read. 

I've tried bypassing the gateway before too with a pfSense router that spoofed the MAC address of the gateway so it could authenticate with the separate ONT. I guess AT&T updated their firmware or something as I could not get the two to negotiate a connection and take the crappy BGW-210 out of the picture.

 

Anyways, I got the home network mapped out - this is how I will run it:

 

The Verizon gateway is upstairs in the 'game room' as that's where the 5G signal is best. The AT&T gateway is downstairs in the living room and is coupled to the ONT outside the house via SRV-2 inside the media enclosure in one of the closets. The Cisco router and Netgear switch are also inside the media enclosure and grab LAN from each of the ISP routers and send the LAN from the Cisco router to the switch and out to all the rest of the RJ45 jacks in the house. The yellow one going to the kitchen will have a PoE+ injector before it exits the media enclosure to the kitchen where I'll mount the Ubiquiti AP on the ceiling.

 

Should be a pretty reliable setup so long as I can get each of the ISP routers and the Cisco router configured correctly.

[byalexandr]

Just a last update - I was able to get everything working with the Cisco RV340. Quite the enterprise grade appliance and I like it very very much, was well worth the price and just plain works.

 

I left it in failover mode instead of changing both WAN ports to a precedence of 1 which enables load balancing. From there I configured the network detection settings to ping the Google DNS (8.8.8.8) instead of the default gateway, as it is unlikely my gateway would be disconnected from the Cisco router but very likely the AT&T gateway could be disconnected from the Internet (and thus the Cisco would not see that the connection is actually down). I verified the failover is working by unplugging the AT&T gateway from the ONT so all is good.

 

As far as the DHCP configuration and which subnets I used, whenever I put the ISP provided routers in bridge mode (passthrough), I noticed it just passes the public IP address over to the Cisco router (and I see these in each WAN connection on the Cisco admin interface), so it didn't really have any influence on what subnet the local network needed to be on. Regardless, I still changed the static IP and the DHCP server on the Cisco router to use 192.168.80.x as my work VPN uses the subnet it was originally using (just to avoid any weird issues).

 

The Ubiquiti U6+ AP is very nice, I mounted it on the ceiling in my kitchen which is central in the house and it has good coverage of the 5GHz band and excellent coverage of the 2.4GHz band. It gets about 600-700Mbps down when close to the AP, and the LAN connection on my desktop PCs are fully saturating the Gigabit connection.

 

Here is the media enclosure setup now (with the ISP provided gateways in other areas of the house):

 

 

Hopefully I have very reliable Internet now that I have two ISPs and automatic failover. Took a while to figure it out but happy with the results.