Loadbalance over multiple OpenVPN connections with one interface

[farthinder]

Hi!

Impressive project! I've been trying to accomplish something similar with just iptabels and its not easy!

I have a bit of a special case that I'm trying to achieve and would love your input.

Basically I have just the one ISP connection reachable via my Pfsense router, but multiple OpenVPN connection i´d like to load balance over. I also need to run NAT/MASQUERADE on the IPs I receive on the OpenVPN interfaces. I know you have provisions for running multiple OpenVPN over multiple ISP connections but my first and admittedly sloppy testing couldn't get it up and running. I get:

load_balance.pl No ISP services seem to be up. Restoring routing tables and firewall. RTNETLINK answers: File exists RTNETLINK answers: File exists ...... RTNETLINK answers: File exists RTNETLINK answers: Network is unreachable Starting lsm link status monitoring daemon

I can give the server (VM) running Net-ISP-Balance multiple virtual interfaces if needed but preferably they all need to be on the same subnet (my LAN).

[mpaolo85]

I believe you may have ran apt upgrade which breaks rc3.d from starting any LTE modem devices

[mpaolo85]

please see init(8) and the Debian Policy Manual.

  update-rc.d  requires  dependency  and  runlevel  information to be provided in the init.d
   script LSB comment header of all init.d scripts.   See  the  insserv(8)  manual  page  for
   details about the LSB header format.

   When    run    with    the    defaults    option,    update-rc.d    makes    links   named
   /etc/rcrunlevel.d/[SK]NNname that point to the script /etc/init.d/name, using runlevel and
   dependency information from the init.d script LSB comment header.

   If  any  files  named  /etc/rcrunlevel.d/[SK]??name  already  exist  then update-rc.d does
   nothing.  The program was written this way so  that  it  will  never  change  an  existing
   configuration,  which  may  have been customized by the system administrator.  The program
   will only install links if none are present, i.e., if it  appears  that  the  service  has
   never been installed before.

   Older versions of update-rc.d also supported start and stop options.  These options are no
   longer supported, and are now equivalent to the defaults option.

[mpaolo85]

It is reproducible if you reinstall 18.04 without the upgrade the script run perfectly but once you upgrade the WAN device is never plumbed. Then when the script finishes it shows device not found wan0 and the actual device name shows as w8XXXX that’s named in the routes.

[emptywee]

@farthinder I managed to make it work for a VM with one interface and two openvpn tunnels. Had to patch Balance.pm a little bit, though. I didn't test the use-case where this VM is being a router for other hosts on the network, but I don't see why it wouldn't work.