Dual / Triple WAN HowTo | DHCP scripts on Page 5!!!!

Joined: 22 Nov 2010
PostPosted: Fri Jan 14, 2011 17:34
Anyone get this working on a WRT160NL?

Joined: 10 May 2007
PostPosted: Tue Mar 08, 2011 2:51
mstombs wrote:
black6spdz wrote:
gave up on dd-wrt, found Tomato DualWAN EN version, flashed it and it works right out of the box!

Is that my GUI mod of the Chinese DualWAN buggy code - with possible backdoors as no source-code ever released?

Why is it buggy? It works absolutely flawless with my two 6Mb DSL lines load balanced and with line test / failover. QoS works perfect too and very easy to setup. Have you ran a portscan on a box or observed any traffic besides NTP or ICMP coming out to substantiate a claim of backdoors? I'm a long time fan of DD-WRT and I still run it on my main RSPro router but for anyoneone not wanting to fumble with scripts and whatnot the Tomato DualWan is a dream come true.. why dont they build a preconfigured dual/multiwan dd-wrt with a gui? Couple that with a highpower unit such as a 610N or 16N router and the peplink/Cisco small business dualwan routers have some serious competition.

DD-WRT w/ Superchannel, Ubiquiti RS Pro @800Mhz, Ubiquiti SR71-A a/n,g/n
Joined: 18 Sep 2007
PostPosted: Wed Mar 16, 2011 0:58
Hi Everybody.
I successfully managed to get dual wan load balacing after reading the dual wan with round robin load equalization Wiki page. But I observed a problem with this setup. If one of the links goes down. I can't browse anymore nor ping anything. I have to remove the default route with equalization and the add the default route for the working link.
Is there any way i can avoid doing this and make dd-wrt do this automatically? Isn't the equalization default route supposed to manage this?
Or configure load-balancing equalization with failover ?

Joined: 26 Mar 2011
PostPosted: Sat Mar 26, 2011 15:14
Asmodous wrote:
I have been trying to get dual wan to run on a wnr3500l v2 running dd-wrt.v24-14929_NEWD-2_K2.6_big. I have read may different ways to do it and have tried all that I have came across. From the one's here to the roadrunner one even this one saying that says you can do it all in nvram http://www.sbhacker.net/forum/index.php/topic/26969-advanced-dual-wan-router-guide-for-dd-wrt-routers/ yet have not been able to get it to work.

I am curently set as follows
jffs2 with the following files
I have not made any changes to the first file.
Added sleep5 to the second file.
Changed the vlan from 1 to 2 and 2 to 3.
added iptables to the jffs folder
added command to start up udhcpc -s /jffs/scripts/udhcpc-wan2.script -i vlan3
added to the firewall

nvram set vlan1ports="4 3 1 8*"
nvram set vlan2ports="0 8"
nvram set vlan3ports="2 8"
nvram set port0vlans="2"
nvram set port1vlans="1"
nvram set port2vlans="3"
nvram set port3vlans="1"
nvram set port4vlans="1"
nvram set port5vlans="1 2 3 16"
nvram set vlan1hwname="ET0"
nvram set vlan2hwname="ET0"
nvram set vlan3hwname="ET0"
nvram set vlan3_bridged="0"
nvram commit
After doing this if i stick in both wan port i get nothing if i remove the new secondary i can get wan.
thank you for any help you can give. Confused

Did you ever find a solution to this? I'm trying to set up dual wan on the same Netgear WNR3500L, and seem to be running into roadblocks no matter which method I attempt.
Joined: 07 Apr 2011
PostPosted: Thu Apr 07, 2011 11:45
trying to get this working with a WRT54GL. EVerything seems to install ok but vlan2 never gets an IP, even when connecting port 4 to one of the other ports on the router.

I used darkhawks scripts to setup/install. One of the wan devices is a cable modem the other is a ADSL modem/router. If i hook the ADSL modem/router to one of the other ports and reboot the wrt54gl the 2nd network gets passed through, the wrt54gl acts like a switch. So i know im able to get an ip.

Im thinking that the wrt54gl is not doing DHCP requests on port 4.

vlan2 Link encap:Ethernet HWaddr 00:16:B6:ED:F6:15
RX packets:234 errors:0 dropped:0 overruns:0 frame:0
TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:14269 (13.9 KiB) TX bytes:668 (668.0 B)
Joined: 24 Jan 2010
PostPosted: Sun Apr 24, 2011 15:56
Hi community , i`m trying to write a tutorial for DUAL WAN on E2000 / WRT320 Routers, what I have wrote is what you see below : would you please help me to continue the tutorial ?

Kind Regards


DUAL WAN E2000 / WRT320N

DUAL WAN E2000 / WRT320N This tutorial brings to you all the steps to allow your E2000 Router into "DUAL WAN" with DHCP on every WAN port, asumming you have 2 ISP providers and they gives you an "always on" connection (no ppoe) just plug the patch cord in your wan port and you receive a public IP address.

I`m Using "DD-WRT v24-sp2 (04/11/11) mini - build 16773M NEWD-2 K2.6 Eko"

First Approach to "Dual Wan" on this models is to have clear the standards vlans & ports default configuration :

E2000 Default Port & Vlan Asignation.

root@DD-WRT:~# nvram show | grep vlan.*ports
vlan2ports=0 8
size: 19998 bytes (41442 left)
vlan1ports=4 3 2 1 8*

It means : Physic port 0 (WAN) = WAN port Logic
Physic port 4 = LAN port 1 Logic
Physic port 3 = LAN 2 Logic
Physic port 2 = LAN 3 Logic
Physic port 1 = LAN 4 Logic
Port 8 = It has to be present en every VLAN since it is a logical bridge

Next Step is to have clear port membership on every VLAN.
root@DD-WRT:~# nvram show | grep port.*vlans
port5vlans=1 2 16
size: 19998 bytes (41442 left)

It Means : Ports 3 , 1 , 4 and 2 belongs only to VLAN 1
Port 0 (WAN) belongs to VLAN 2
Port 5 Vlans is an internal port just for bridging and you don have to consider this port.

Next Step is to have clear the Name of the vlans in Logical inteface name.

root@DD-WRT:~# nvram show | grep vlan.*hwname
size: vlan2hwname=et0
19998 bytes (41442 left)

It means VLAN1 & VLAN2 are part of interface ETH0

Next Step is to create space by enabling jffs to hold load balancing & Firewall scripts.

E2000 & WRT320N have 8MB Flash & 32 MB Ram so you have plenty space to save scripts on JFFS space.

Go to "Administration TAB" then "Management TAB" and change the values to ENABLE JFFS and CLEAN JFFS, then Hit "Save" and "Apply Settings" and finally "Reboot Router"

Next Step is to allow SSH protocol to transfer files to JJFS Space created in our router.

When Router comes back alive again , It is time to allow connections through SSH protocol : Is is done from the TAB "Services" and look for "Secure Shell" on the menu SSHd just click "Enable" now again , Hit "Save" button an the botton of that page, next " Apply Setting" and next "Reboot Router"

To be continued ASAP

Joined: 24 Jan 2010
PostPosted: Mon Apr 25, 2011 10:30
Hi Community , tutorial has been updated and can be found here : http://www.dd-wrt.com/wiki/index.php/DUAL_WAN_E2000_/_WRT320N

Any contributions will be appreciated

Kind regards

Marcelo Semino

Joined: 27 May 2010
PostPosted: Mon Apr 25, 2011 19:33
Will this work on a WRT150 V1?
Joined: 21 May 2011
PostPosted: Sat Jun 11, 2011 8:19
I am using settings from page 1 on linksys wrt54gl, dual wan and I want to mark specific ports to a separate wan

Port 53 and 80 to go on vlan2
Port 137:139 and 445 on vlan1

Something like this:


$IPTABLES -t mangle -I vlan2 -p udp --dport 53 -j ETH1
$IPTABLES -t mangle -I vlan2 -p tcp --dport 80 -j ETH1
$IPTABLES -t mangle -I vlan1 -p tcp --dport 445 -j ETH2
$IPTABLES -t mangle -I vlan1 -p tcp --dport 135:139 -j ETH2

This are the routes

vlan2 dev vlan1  proto kernel  scope link  src dev vlan2  proto kernel  scope link  src dev br0  proto kernel  scope link  src dev br0  proto kernel  scope link  src dev lo  scope link
        nexthop via  dev vlan1 weight 1
        nexthop via  dev vlan2 weight 1

Is this ok ?
Joined: 13 Jun 2011
PostPosted: Mon Jun 13, 2011 21:02
Is there an easy way to disable the load balancing?

I'm really interested in failover. I've got the router configured as a wireless client and that seems to work for having internet access via the other network. I'm hoping I can make that one a "secondary" WAN and then my hardwired connection the "primary" WAN. I'd only want to rollover to the secondary of the primary fails.

I've taken a quick peek at the code but am not familiar enough with the language to feel comfortable altering the balancing/failover code unassisted.

Any guidance would be appreciated.
Joined: 11 Jun 2010
PostPosted: Thu Jul 21, 2011 21:06
Anyone got this working and willing to help me out.
I got a rt-n16 router.
Here are some for the information I have done so far but could not get it work in trying to get an IP for port 4.

vlan1 = 1,2,3 (port)
vlan2 = WAN port
vlan3 = 4 (port)


vlan2ports=0 8
vlan0ports=1 2 3 4 5*
vlan3ports=4 8
vlan1ports=3 2 1 8*

port5vlans=1 2 3 16
port3vlans=1 18 19
port1vlans=1 18 19
port4vlans=3 18 19
port2vlans=1 18 19
port0vlans=2 18 19

okay..after thinking about this. I thought I would give this method a try.
modem1 -> vonage router --> dd-wrt router -> port 4
modem2 -> dd-wrt router --> WAN port

with the method above, I should be able to assign a static IP for port 4. Everything is okay at this point after reboot but cannot access internet.
Please help or let me know if this method will work.
Joined: 22 Aug 2011
PostPosted: Sun Aug 28, 2011 1:50
Hello everybody!

I was interested to "make this real" (the whole Dual Wan thing), and finally I did it.

So, here is my configuration:

1) WRT54GL v1.1, DD-WRT v24-sp2 (08/12/10) mini (SVN revision 14929)
-Repeater Mode
-Connection Type: Static IP
-Network Setup (Router IP)
-DHCP Server Enabled
-DNS Masq Disabled in Services

The router above is plugged to Port 4 and it is the "first" internet connection.

2) WRT54GL v1.1, DD-WRT v24-sp2 (08/12/10) mini (SVN revision 14929)
-Repeater Mode
-Connection Type: Static IP
WAN IP: xxx.xxx.xxx.xxx
GATEWAY: yyy.yyy.yyy.yyy
STATIC DNS: yyy.yyy.yyy.yyy
-Network Setup (Router IP)
GATEWAY: yyy.yyy.yyy.yyy
LOCAL DNS: yyy.yyy.yyy.yyy
-DHCP Server Enabled
-DNS Masq Disabled in Services

The router above is working as the Dual Wan Device and it "holds" the "second" internet connection.

As you can see, this works using two WRT54GL v1.1 in Repeater Mode.

I made it real (for me) following the instructions posted by killaDUALwans (thanks man!) and it works almost perfectly and I'm facing the following issue/bug/problem:


- The "first" internet connection is about 12mbit/1mbit (up/down)
- The "second" and the "slow" connection is about 4mbit/1mbit (up/down)

And finally the problem:

The above statement gives us theoretically a 16mbit/2mbit balanced connection BUT the maximum download speed is 2 times the "slow" connection and it's equal to 8mbit.

I have changed (a bit) a part of code in routes.firewall from
ip route add default scope global equalize nexthop via $(nvram get wan_gateway) dev eth1 nexthop via $(nvram get wan2_gateway) dev $(nvram get wan2_ifname)


ip route add default scope global equalize nexthop via $(nvram get wan_gateway) dev eth1 weight 1 nexthop via $(nvram get wan2_gateway) dev $(nvram get wan2_ifname) weight 1

but no luck.

So, can anyone explain/help/show me where is the problem and if it's possible to solve this issue?

Thank you very much.
Joined: 01 Sep 2011
PostPosted: Thu Sep 01, 2011 8:12

I got this working on DD-WRT v24-sp2 (08/07/10) mega - build 14896 on a WRT350N

One of the WAN's is a wireless connection, the other is wired. Thanks to lots of people who contributed, but I wanted to put the information I learned after reading the 60 pages of posts.

Things that make it work for WRT350N.

I had to set up ports like this:


nvram set vlan1ports="1 2 3 8*"
nvram set vlan3ports="4 8"
nvram set vlan3hwname=et0
nvram commit

Then I had to change the Firewall.Firewall Scripts. only slightly, there are a few areas where you can find


replace with

$(nvram get wan_ifname)

or if you are not using the WAN port but instead have set up your router in Repeater Mode you need to change every thing that says

$(nvram get wan_ifname)

including what you just changed to


You will need to change that in both firewall.firewall and routes.firewall

Also you need to change the interface reference in the startup script to look like this.

udhcpc -s /jffs/scripts/udhcpc-wan2.script -i vlan3

I used these scripts with wget


make sure you have the right permissions, and you can use:

vi /jffs/scripts/firewall.firewall

to edit the scripts and all to check for ^M characters because I had a lot of those, when using vi I found that I had to push the "s" key to start editing, and then ESC when i was ready to exit and the command ":wq" to quit and save and if I wanted to quit with out saving type ":quit!"

It took me about 20 Hours to get all this done, but it included learning how to set up USB and jffs so hopefully it will save some people who have wrt350 and other routers sometime.

I would next like to figure out how to do failover so that if one of the connections is down it will switch to the other one only until it comes back up.

Also some way to not cache the routes so that downloading from single servers will be faster.

Joined: 06 Apr 2007
PostPosted: Thu Sep 01, 2011 15:10
Wow, I am very surprised this thread is still going.

I still have dual wan going, mostly on linux boxes now, as my WRT54GS was to slow to handle my connections. I wish I could answer questions when it comes to the newer devices, but the thing that would have changed the most was the VLANs. Other than that, and a different iptables, they should all be the same.

What firmware version is everyone running? I remember V24 dropped the random module. I still have DD-WRT running at home (in front of a SIP phone with a single connection) but I can investigate some issues.

Way to keep this thread going guys, and I can try and help as much as I can. Just between work and family, might be kind of slow to respond Smile



Linksys EA6500v2 | 5GHz 1st Floor AP | Advanced Tomato 1.28.0000 -2.9-131 K26ARM USB AIO-64K
Netgear WNR2000v3 | 2nd Floor AP | DD-WRT v3.0-r27805 std

Behind a Raspberry Pi Dual WAN router
Joined: 05 Oct 2011
PostPosted: Thu Oct 06, 2011 17:36
quechua wrote:
Psychosis: Thanks for all of the tips/help I have worked it out. Below I will post detailed directions based on yours so that I can find them again someday and in case anyone else with an E3000 wants to do this (especially anyone with UVERSE + Cable Modem).

Hi Quechua,

I am trying the same setup with an E2000 router and everything works until setting up the firewall rules. There iptables complains with the rules regarding MARK and RANDOM. I have noted that the modules for iptables to be loaded does not exist in my firmware dd-wrt.v24-15508_NEWD-2_K2.6_big-e2k-e3k.bin.
Please, can you tell me which firmware version are you using for the E3000 that is working?

Thanks in advance...
