WAN Balancer

From Edge Threat Management Wiki - Arista
Jump to navigationJump to search

    WAN Balancer
Other Links:
WAN Balancer Description Page
WAN Balancer Demo
WAN Balancer Forums
WAN Balancer Reports
WAN Balancer FAQs

About WAN Balancer

WAN Balancer works in conjunction with multiple ISPs to distribute your traffic across multiple connections. It will decide dynamically which WAN connection to send traffic over, maximizing your bandwidth usage.

You may also consider using WAN Failover in your network as well - it automatically reroutes traffic over working WAN links when one fails. If WAN Failover is running and detects a WAN as being down WAN Balancer will not balance traffic to that WAN.


This section reviews the different settings and configuration options available for WAN Balancer.


This tab displays information and statistics for each WAN interface.

Traffic Allocation

On the Traffic Allocation tab, you set the weighs for each WAN connection. If you only have one WAN defined, you will only see one interface listed here. Simply enter the weighting you desire, check that you are good with the percentages assigned to each WAN, and hit save.

As each WAN Balancer processes each new session it decides which WAN it will use to send this traffic if there is no local route for the traffic. If traffic between these two IPs has taken place recently then there is likely a route already in the cache. If so, this route will be used to send this new session. This is to assure that all traffic between two IPs uses the same WAN consistently to avoid issues with cloud services.

If there is no route in the cache, then a WAN will be chosen based on the hash of the source and destination and the weights given in the Traffic Allocation settings. Not that the traffic allocation weights don't determine exactly the percentages of traffic over the various WANs, only how sessions will be assigned to various WANs.

Route Rules

Route Rules determine which WAN will be used for traffic going to the internet (traffic with no local route). As described in the rules documentation, the Route Rules are evaluated in order for new sessions and the first matching rule will determine which WAN interface is used. If no matching rule is found or the first matching rule has a Destination WAN set to Balance then the session will be randomly assigned a route based on Traffic Allocation settings. A limited set of conditions are available to WAN Balancer Route Rules which include source, destination, port and protocol.

This allows you to specify which WAN is used for certain traffic based on a variety of conditions. For example:

  • To put all one server's traffic on a specific WAN add a rule with condition "Source Address is server_ip" and the Destination WAN is the WAN to be used.
  • To put all SMTP to go out a specific WAN, add a rule with "Destination Port is 25" and the Destination WAN is the WAN to be used.

This can also be useful if you have one connection with less throughput but lower latency. In this case you can specify that all VOIP or latency sensitive traffic use the lower latency connection.

Note: Unlike Routes, Route Rules that route traffic to a WAN that is down will automatically balance traffic to one of the active WANs. For example, if a rule says to send all port 25 traffic to WAN2, but WAN Failover knows WAN2 is down, this rule will effectively mean Balance which means the session will be put on one of the other active WANs.

Note: Routes and routes based on the network configuration always override Route Rules. Route Rules only apply to sessions that have no local route based on configuration on routes in Routes. Route Rules are basically a suggestion that the traffic be routed out a specific WAN if no other route says where to send it.


The Reports tab provides a view of all reports and events for all traffic handled by WAN Balancer.


This applications reports can be accessed via the Reports tab at the top or the Reports tab within the settings. All pre-defined reports will be listed along with any custom reports that have been created.

Reports can be searched and further defined using the time selectors and the Conditions window at the bottom of the page. The data used in the report can be obtained on the Current Data window on the right.

Pre-defined report queries: {{#section:All_Reports|'WAN Balancer'}}

The tables queried to render these reports:

Related Topics

WAN Balancer FAQs

I installed and configured WAN Balancer, but nothing is happening. What should I do?

Make sure each ISP's interface has is WAN Interface? checked at Config > Network > Interfaces and has all of the required information properly entered. You'll also need to verify WAN Failover has tests set up for each WAN connection. If you're only using WAN Failover, you'll need to disconnect your primary WAN to get traffic to flow over the secondary. Also verify your interface weights are set properly.

Are the bandwidth settings percentages? 💡

No - enter bandwidth numbers for each connection that are relative to each other and Untangle will determine the proper percentages. The percentages will be displayed as numbers are entered to help you determine the proper weighting.

Why is some of my internet traffic being stopped?

Check the status of your WAN Failover service. If it has been uninstalled, is turned off or is not functioning normally and you have lost one of your internet connections, WAN Balancer may still be pushing traffic out of the down WAN.

If a route rule specifics that certain traffic should always use one WAN, what happens when that WAN is down?

If that WAN is down (and you're using WAN Failover) the traffic will be pushed out any other WANs that are still online. When those WANs come back up the route cache is flushed and they will return to their WAN.

Does WAN Balancer bond my connections?

No. A bonded connection combines the bandwidth of multiple internet connections from a single ISP into a single physical connection, often requiring additional hardware at each end of the connection.

How does WAN Balancer handle services that use the IP as the primary key or authentication mechanism? 💡

Some sites and services use the source/client IP to identify users which can cause issue if the service uses multiple sessions as when balancing across several WANs subsequent sessions could exit another WAN and thus us a different source IP. To avoid these type of issues all sessions that are randomly assigned a WAN based on the weights (balanced) will continue to use the same WAN for all connections between a given internal IP and external IP. In other words, all sessions between A and B are sticky to a specific WAN.

How is traffic routed when WAN Balancer is not installed? 💡

Traffic is routed based on the routing table. If you have multiple WAN interfaces, then multiple default gateways are present in the routing table. In this situation and without WAN Balancer Internet traffic is arbitrarily sent via either link. WAN Balancer enables you to have more control over how Internet traffic should be routed.

Is bypassed traffic still routed according to WAN Balancer Route Rules? 💡

Yes. WAN Balancer writes rules directly to iptables. No decisions are made in the UVM, so bypassed traffic is still routed according to those rules.