Ubiquiti EdgeRouter Multi-WAN Failover and Port Forwarding
Oct 22, 2016

Ubiquiti is known for their awesome wireless access points, so a year ago I decided to pick up one of their routers. Based on the reviews I could tell it was another great product but not one for novices. With one of their recent system images (1.6.0 I believe, but I’ll be using 1.9.0) they added an easy config wizard for load balancing. With this you can set up multiple WANs and even set up one as “failover only”. I decided to sign up for the absolute cheapest Comcast plan ($29.99 per month for 25/5) for use with the load balancing feature. Surprisingly it was very easy to get set up. I already had the modem so I just had to call up Comcast and get activated.

Once that was done, configuring the router was as simple as following the “Load Balancing” wizard. Port forwarding, however, only supports a single WAN interface. So, what you need to do is go through the “NAT” tab and add DNAT rules for each port you plan to forward and then edit the “Firewall Policies” for “WAN_IN”. Easy enough. It’s only two steps per port.

eth0 and eth1 are WAN interfaces, eth2 is LAN.


Use the normal “Port Forwarding” option for your primary gateway and the above options for your secondary gateway. When the network goes down on eth0, it will failover to eth1 and your forwarded ports will still work just fine.


The default health test uses the server ping.ubnt.com. This can be changed to an IP address so DNS lookups are not needed.

configure
set load-balance group <name> interface <name> route-test type ping target 8.8.8.8
commit
save
exit

$ show load-balance watchdog
Group G
  eth0
  status: Running 
  pings: 249
  fails: 0
  run fails: 0/3
  route drops: 1
  ping gateway: 8.8.8.8 - REACHABLE
  last route drop   : Mon Nov 28 15:15:34 2016
  last route recover: Mon Nov 28 15:26:32 2016

  eth1
  status: Running 
  failover-only mode
  pings: 274
  fails: 0
  run fails: 0/3
  route drops: 0
  ping gateway: 8.8.8.8 - REACHABLE