Multi-WAN configuration allows you to classify, segregate, and route traffic from LAN devices to different WAN interfaces. For each LAN device or application, you can select possible WAN interfaces, and configure policies for dynamically routing traffic between the LAN and WAN.
In practical terms, you can configure your router for the following scenarios:
Switching the active WAN link between different carriers.
Enabling multiple WAN links, and securely routing traffic from different carriers to separate LAN applications. For example, routing Carrier A traffic to a passenger Wi-Fi access point and routing Carrier B traffic to operational data (location reporting, fare payment information, etc.)
Switching the active WAN link between cellular and Wi-Fi based on selectable criteria: signal strength, or vehicle speed, for example.
Maintaining dual active WAN links, and routing specific types of traffic to each link. For example, you may want to download large video files using a slower-yet-more affordable WAN connection.
The diagram below shows a dynamic routing policy for a single LAN input.
Initializing Table Of Contents...
Features and Benefits
Traffic flows are classified by LAN segment, source IP, destination IP, destination port, and IPv4/v6 address family. Each traffic flow can be assigned a prioritized ordered list of WAN interfaces over which the data is sent.
The active WAN link with the highest priority is used for traffic flow unless additional Multi-WAN rules are defined.
The selection of which WAN interface to use for each traffic policy can be further refined based upon multiple criteria (Multi-WAN rules):
Roaming: Is the cellular device actively roaming?
Signal Strength: Does the cellular or Wi-Fi connection have a suitable signal strength?
SSID: Is the Wi-Fi device connected to a particular set of SSIDs?
Speed: If vehicle speed is available (via GNSS data or telemetry), is the vehicle below a speed threshold?
Defining WAN Policies
This section shows you how to define the various WAN policies that determine how your router maintains or switches its WAN connnectivity.
WAN policies can be configured under Networking > WAN Policies.
Under Policy Route Management, you can configure the top-level rules for data traffic management between LAN and WAN.
Policy-based rules define the WAN devices that can carry various types of data traffic. You can select the traffic type based upon LAN bridges/zones, specific services (ports), and specific source and destination addresses.
In the case that you have rules with overlapping elements, you can assign a priority to your rules, from 100 to 999. For example, if you have a rule with Source IP of 192.168.1.100 at Priority 100 and a rule with Source IP of 192.168.1.1⁄24 at Priority 101, traffic from 192.168.1.100 is routed to 192.168.1.100, and the other rule is ignored.
AirLink OS has two default rules already defined: the default routes for IPv4 and IPv6 traffic (priority 998 and 999 respectively). These two rules allow you to define the devices used to carry IPv4 and IPv6 traffic. They use the default system WAN zone. You can edit the WAN Output(s) fields to use other zones.
Click to return the default policy based rules to default.
Enabled: Sets whether the policy rule is active or not
Name: A description for the policy.
LAN Input(s): Specifies the source of the traffic. If left blank, the policy applies to all traffic. You can select LAN bridges (configured under Networking > Zones > Bridges) or LAN Zones.
WAN Output(s): Specifies the ordered list of interfaces the traffic can be carried over. This can be configured using a Zone or specific WAN interfaces. Default policies use the WAN zone to define the default device order. The default device preference is Ethernet, Wi-Fi, Cellular, and finally USB interfaces (USB interfaces may not be implemented yet).
To change the order, you can either select interfaces in priority order, or you can define a new Zone. Zones are configured under Networking > Zones > System Zones.
For example, if traffic from Default-LAN should use Cellular 1 first, then Cellular 2 (if Cellular 1 is unavailable), you can select Cellular 1 and then Cellular 2. Alternatively, you can create a new zone called MyZone with Cellular 1 and Cellular 2. Then MyZone can be applied to any policy rule.
Service(s): Specifies a protocol/port number to identify the traffic. If left empty, all traffic types (TCP, UDP, ICMP) will be matched against this policy. You can configure Services at Networking > Zone Settings > Services.
Source IP and Destination IP: Specifies a source/destination to match against this traffic (either IPv4 or IPv6). You can enter an IPv4 or IPv6 IP address, and AirLink OS will validate it. Note that if both IPv4 and IPv6 traffic is to be selected, two policies must be created.
Priority: Defines the order in which policies are evaluated, in ascending order. For example, if you create a rule with priority 100, it will apply first and override the default 998 and 999 policies. Each policy must have a unique priority; AirLink OS does not allow policies with identical priorities.
Confirming Your Configuration
Go to Status/Monitoring > Networking > Multi-WAN to see your configured policy routes and priorities.
WAN Selection Criteria
When selecting an WAN interface from the set of interfaces defined in WAN Output(s), whether it be for the default IPv4/IPv6 traffic or your own policies, the default ranking is based on:
Whether the interface is connected or not (has an IPv4/IPv6 address)
The user-defined (or system default) order for traffic
Link validation: whether the interface has internet connectivity
You can enable/disable Link Validation under Networking > Monitoring Rules. Link Validation uses a DNS query and ping to the target ping primary/secondary server.
Link Validation is only used when comparing two WAN links. If a link does not pass validation, it is passed over in favor of a link that is validated. This prevents situations where a link that is generally preferred incorrectly replaces a link that is already known to be validated.
To further refine how the system determines which interface is usable, you can apply additional rules (metrics) to your Multi-WAN Policies beyond basic network connectivity. These rules include Roaming Avoidance, Signal Strength, connected Wi-Fi, and current vehicle speed. You can configure these rules in their respective policy definition tables described below.
Wi-Fi interfaces are classified as usable based upon Signal Strength, connected AP (SSID), and current vehicle speed.
Cellular interfaces are classified as usable based upon Signal Strength and current roaming status.
Ethernet interfaces are classified as usable based upon current vehicle speed.
You can use these rules to coordinate WAN switching in the following example scenarios:
Wi-Fi depot scenarios, where the interface should not be used if the signal strength (Signal rule) is too weak, or if the vehicle is moving (Speed rule)
Cellular hand-off scenarios: When two cellular providers (two SIM cards) are used for coverage, if one of the SIM cards is roaming, then it should not be used (Roaming rule).
WiFi/Cell handoff: Stop using Wi-Fi after the vehicle starts moving and exceeds the speed threshold.
Selection Evaluation
Importance - A rule (signal strength, roaming, vehicle speed, connected SSID) can be either defined as Mandatory or Optional. If a rule is defined as Mandatory, the interface will only be considered usable if the rule’s criteria is met. If it is defined as Optional, then the interface may be used if no other interface is available, no matter the state of the rule.
Multiple rules can be applied against an interface in the same policy.
The final device used for the policy is calculated as follows. For each connected interface in preferred prioritized order:
If all rules (both mandatory and optional) are met and the link is validated (passes connectivity tests), use this interface.
If no interface is found from 1, choose the interface that has the lowest number of un-met optional rules. In all cases, if a mandatory rule is not met, the interface will never be used.
In all cases above, a link validation is ignored if no link can be found that is validated. If at least one link is validated, that link will be used.
Link Selection Examples
= rule evaluated to be usable
= rule evaluated to not be usable
= rule evaluated to not be usable but configured as Optional
In the table below, the chosen interface would be Wi-Fi.
WAN OUTPUT PRIORITY ORDER:
WI-FI
CELLULAR 1
CELLULAR 2
Speed policy
Roaming policy
Signal policy
Validated
In the table below, the chosen interface would be Cellular 1.
WAN OUTPUT PRIORITY ORDER:
WI-FI
CELLULAR 1
CELLULAR 2
Speed policy
Roaming policy
Signal policy
Validated
In the table below, the chosen interface would be Cellular 1 (all policies for Cellular 1 are met).
WAN OUTPUT PRIORITY ORDER:
WI-FI
CELLULAR 1
CELLULAR 2
Speed policy
Roaming policy
Signal policy
Validated
In the table below, the chosen interface would be Wi-Fi (Wi-Fi meets the same number of policies as Cellular 2, but it is the highest priority interface).
WAN OUTPUT PRIORITY ORDER:
WI-FI
CELLULAR 1
CELLULAR 2
Speed policy
Roaming policy
Signal policy
Validated
In the table below, the chosen interface would be Cellular 2 (both Cellular interfaces are roaming, but Cellular 2 meets its signal strength policy).
WAN OUTPUT PRIORITY ORDER:
WI-FI
CELLULAR 1
CELLULAR 2
Speed policy
Roaming policy
Signal policy
Validated
Defining Additional Rules for WAN Policies
Roaming Avoidance
Enabled: Select to enable/activate this rule.
Importance: Enable to make the rule Mandatory. When the rule is set to mandatory, the WAN interface must never be used if Roaming. Disable to make the rule Optional. When the rule is optional, the WAN interface should not be used if Roaming and another WAN interface is available. If no other interface is available, use this optional interface even if it is roaming.
Applies to Policy: Apply this roaming rule against the specified WAN policy.
Applies to WAN Interface: Apply this rule against the specified interface used in the WAN policy configured in Applies to Policy. Note: this must be a cellular interface.
Constrain Roaming Policy to Network Operator: The roaming rule applies only if currently connected to the specified provider.
Signal Policies
Enabled: Select to enable/activate this rule.
Importance: Enable to make the rule Mandatory. When the rule is set to mandatory, the WAN interface must never be used if outside of the configured signal strength. Disable to make the rule Optional. When the rule is optional, the WAN interface should not be used when outside of the configured signal rule and another WAN interface is available. If no other interface is available, use this optional interface even when it does not meet the signal requirements.
Applies to Policy: Apply this signal strength rule against the specified WAN policy.
Applies to WAN interface: Apply this rule against the specified interface used in the WAN policy configured in Applies to Policy, and can either be a Cellular or Wi-Fi interface.
Usable/Un-usable signal strengths can be configured in either abstracted signal bar strength or RSSI. In addition, hysteresis can be defined for the signal strengths as shown in the following graph:
The graph shows that the signal needs to be greater than or equal to the Usable signal strength for at least the Usable time period (in seconds) before the interface is considered usable. Once the signal drops below the Unusable signal for more than the Not Usable time period (in seconds), the interface is considered unusable.
Click +ADD SIGNAL POLICY to configure and add a signal policy.
Wi-Fi SSID Policies
Enabled: Select to Enable/activate this rule
Importance: Enable to make the rule Mandatory. When the rule is mandatory, the Wi-Fi rule must always apply even if it results in traffic not being able to be transported via another available interface. Disable to make the rule Optional. When the rule is optional, the WAN interface should not be used if another interface is able to carry the traffic, but if no other interface is available, use it regardless of the Wi-Fi SSID rule.
Applies to Policy: Apply this SSID rule against the specified WAN policy.
Applies to WAN Interface: Apply this rule against the specified interface used in the WAN policy configured in Applies to Policy. Note that it must be a Wi-Fi WAN interface.
Apply against SSIDs: The rule becomes active if the Wi-Fi client is currently connected to one of the specified SSIDs. See WiFi → SSID Database for the list of SSIDs available to be added this rule.
Traffic Policy when SSID Matches:
Forward: the interface can be considered usable if connected to the specified SSIDs (forms an acceptance list). In the example above, if connected to ZBox2 or Zbox5, the device will be considered usable.
Block: the interface will not be usable if connected to the specified SSIDs (forms a block list).
Vehicle Speed Policies
Enabled: Select to Enable/activate this rule
Importance: Enable to make the rule Mandatory. When the rule is mandatory, the WAN interface must never be used if vehicle speed exceeds a threshold (miles per hour). Disable to make the rule Optional. When the rule is optional, the WAN interface should not be used if another interface is able to carry the traffic, but if no other interface is available, use it even if the threshold has been exceeded.
Applies to Policy: Apply this speed rule against the specified WAN policy.
Applies to WAN Interface: Apply this rule against the specified interface used in the WAN policy configured in Applies to Policy.
Threshold (Miles/hour): When the vehicle speed is above this threshold, the Speed rule will inhibit traffic on the selected WAN interface.
Recovery Time (seconds): Once vehicle speed has exceeded the threshold and data traffic is dropped, recovery time specifies how long the vehicle must be below the speed threshold before traffic is permitted on the selected WAN interface.
Initializing Table Of Contents...
to return the default policy based rules to default.
to return the default policy based rules to default.
= rule evaluated to be usable
= rule evaluated to not be usable
= rule evaluated to not be usable but configured as Optional
