FireBrick How to: Upload Route Overrides
You are bonding multiple lines up and down, but you want some particular device to only send traffic up a single line rather than bonding the upload. This is also assuming that you're using an AAISP (or similar) service where traffic to you is being bonded by the ISP over all the circuits.
You may want this if you have long lines and slow throughput and you wish to have your VoIP only going UP one of the broadband lines.
This is assuming you already have the FireBrick set up and working well, bonding all the traffic. Let's say you have three ADSL lines.
What we want to do is to use just line 3 for upload of these specific devices.
It's easier to manage the config if we create an IP Group for the device(s) that we want to use line 3 for their upload.
<ip-group name="phones" ip="192.0.2.99" comment="IPs here are phones, this is used in route overrides"/>
We want to only override the route if the DSL line is up, so lets create a profile for this: (our line 3 is called ADSL3)
<profile name="ADSL3" ppp="ADSL3"/>
We need to tell the FireBrick a couple of things regarding the config for Line three's PPP:
- Use the line as a lower priority (localpref) - that way all other traffic won't be using it
- Add an (arbitrary) IP to the 'Routes' as this is what we'll use as the gateway in the override
<ppp name="WAN3" port="WAN" username="firstname.lastname@example.org" password="secret" speed="300000" lcp-rate="1" lcp-timeout="10" routes="0.0.0.3" localpref="50" graph="Line 3" comment="Used for VOIP upload hence localpref and route"/>
This is where the routing logic happens. If the line is up then send traffic from the phone IP group to line 3
<route-override name="VoIP" profile="ADSL3" comment="Send VoIP up line 3"> <rule source-ip="phones" set-gateway="0.0.0.3"/> </route-override>
- All traffic TO you comes down all 3 lines. (this is handled by the ISP)
- VoIP Traffic LEAVES you up line 5
- All other traffic leaving you is bonded UP the remaining lines
- If line 3 goes down, then everything is bonded over the remaining lines
Once the config is applied, give it a while and watch the graphs - you should see upload traffic on line 3 only when making VoIP calls...