• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

wireguard multiwan doesnt properly round robin traffic

Scheduled Pinned Locked Moved Routing and Multi WAN
wireguardmultiwantraffic shaping
1 Posts 1 Posters 655 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • V
    Viss
    last edited by Sep 21, 2022, 1:51 AM

    Hello!

    Multiwan wireguard setup in round-robin doesn't treat traffic the same as exactly the same setup without wireguard.

    My setup:
    I have a dual-isp setup (cox & starlink), and I have all outbound traffic flowing across wireguard tunnels to a second pfsense appliance in a colo.

    I've been able to force wireguard to create tunnels on the appropriate interfaces (since you cant bind it to one) by using static routes. The receiving end is using two IPs for this, and I've created rules on the far end to only permit the appropriate source IP to land on the designated target IP.

    The issue:
    When using the wireguard tunnels, the same exact round-robin multiwan setting (two gateways, both set to tier 1) traffic only flows over one gateway and the second is idle. If I switch to just using the naked gateways versus the wireguard interfaces, traffic flows as expected and is properly load balanced across both links.

    A wrinkle:
    If I setup policy rules on the LAN firewall section to specify the same exact gateway group, and also have the default gateway for the firewall using the same group "it kinda works", but I only get about 75% of the bandwidth - the graphs do show traffic flowing across both links, though.

    Expected functionality: I would expect that round-robin multiwan would work exactly the same over wireguard versus over naked isp links.

    I'm not 100% sure why using wireguard tunnels in a round-robin config would cause the round-robin part to just 'not apply', and I'm even more confused about adding the policy routing component making it mostly work.

    Any help here would be great!

    1 Reply Last reply Reply Quote 0
    1 out of 1
    • First post
      1/1
      Last post
    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
      This community forum collects and processes your personal information.
      consent.not_received