Re: Dual PPPoE WAN same ISP

I give you my configuration, if you can tell me why it does not balance

ubnt@EDGEMAX:~$ show configuration
firewall {
all-ping enable
broadcast-ping disable
group {
network-group PRIVATE_NETS {
network 192.168.0.0/16
network 172.16.0.0/12
network 10.0.0.0/8
}
}
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians disable
modify balance {
rule 10 {
action modify
description "do NOT load balance lan to lan"
destination {
group {
network-group PRIVATE_NETS
}
}
modify {
table main
}
}
rule 20 {
action modify
description "do NOT load balance destination public address"
destination {
group {
address-group ADDRv4_pppoe0
}
}
modify {
table main
}
}
rule 30 {
action modify
description "do NOT load balance destination public address"
destination {
group {
address-group ADDRv4_pppoe1
}
}
modify {
table main
}
}
rule 70 {
action modify
modify {
lb-group G
}
}
}
name WAN_IN {
default-action drop
description "WAN to internal"
rule 10 {
action accept
description "Allow established/related"
state {
established enable
related enable
}
}
rule 20 {
action drop
description "Drop invalid state"
state {
invalid enable
}
}
}
name WAN_LOCAL {
default-action drop
description "WAN to router"
rule 10 {
action accept
description "Allow established/related"
state {
established enable
related enable
}
}
rule 20 {
action drop
description "Drop invalid state"
state {
invalid enable
}
}
}
options {
mss-clamp {
mss 1412
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
ethernet eth0 {
address 192.168.1.11/31
description WAN
duplex auto
poe {
output off
}
pppoe 0 {
default-route force
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
mtu 1492
name-server auto
password ****************
user-id adslppp@telefonicanetpa
}
speed auto
}
ethernet eth1 {
address 192.168.1.14/31
description "WAN 2"
duplex auto
poe {
output off
}
pppoe 1 {
default-route force
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
mtu 1492
name-server auto
password ****************
user-id adslppp@telefonicanetpa
}
speed auto
}
ethernet eth2 {
address 192.168.1.1/24
description "Local 2"
duplex auto
firewall {
in {
modify balance
}
}
poe {
output off
}
speed auto
vif 20 {
address 192.168.4.1/24
description CAM
mtu 1500
}
vif 30 {
address 192.168.5.1/24
description UNIF
mtu 1500
}
vif 40 {
address 192.168.6.1/24
description HOTSPOT
mtu 1500
}
vif 50 {
address 192.168.7.1/24
description Sct
mtu 1500
}
vif 60 {
address 192.168.8.1/24
description SAMSUNG
mtu 1500
}
}
ethernet eth3 {
address 192.168.2.1/24
description SERV
duplex auto
poe {
output off
}
speed auto
}
ethernet eth4 {
address 192.168.9.1/24
description eth4
duplex auto
poe {
output off
}
speed auto
}
loopback lo {
}
switch switch0 {
description Local
firewall {
in {
modify balance
}
}
mtu 1500
}
}
load-balance {
group G {
interface eth0 {
route-test {
initial-delay 60
interval 10
type {
ping {
target 8.8.8.8
}
}
}
weight 50
}
interface eth1 {
route-test {
initial-delay 60
interval 10
type {
ping {
target 8.8.8.8
}
}
}
weight 50
}
interface pppoe0 {
route-test {
initial-delay 60
interval 10
type {
ping {
target 8.8.8.8
}
}
}
weight 50
}
interface pppoe1 {
route-test {
initial-delay 60
interval 10
type {
ping {
target 8.8.8.8
}
}
}
weight 50
}
lb-local enable
}
}
port-forward {
auto-firewall enable
hairpin-nat enable
lan-interface eth0
lan-interface eth3
lan-interface eth2.50
lan-interface eth2.60
lan-interface eth2
rule 1 {
description TS
forward-to {
address 192.168.2.201
port 59
}
original-port 59
protocol tcp_udp
}
rule 2 {
description TS
forward-to {
address 192.168.2.201
port 49
}
original-port 49
protocol tcp_udp
}
rule 3 {
description CAMARAS
forward-to {
address 192.168.1.110
port 300
}
original-port 300
protocol tcp_udp
}
rule 4 {
description CAMARAS2
forward-to {
address 192.168.1.110
port 200
}
original-port 200
protocol tcp_udp
}
rule 5 {
description NVR1
forward-to {
address 192.168.4.19
port 6666
}
original-port 6666
protocol tcp_udp
}
rule 6 {
description NVR2
forward-to {
address 192.168.4.19
port 7080
}
original-port 7080
protocol tcp_udp
}
rule 7 {
description NVR3
forward-to {
address 192.168.4.19
port 7443
}
original-port 7443
protocol tcp_udp
}
rule 8 {
description NVR4
forward-to {
address 192.168.4.19
port 7445
}
original-port 7445
protocol tcp_udp
}
rule 9 {
description NVR5
forward-to {
address 192.168.4.19
port 7446
}
original-port 7446
protocol tcp_udp
}
rule 10 {
description NVR6
forward-to {
address 192.168.4.19
port 7447
}
original-port 7447
protocol tcp_udp
}
rule 11 {
description "device inform"
forward-to {
address 192.168.1.200
port 8080
}
original-port 8080
protocol tcp_udp
}
rule 12 {
description "controller UI"
forward-to {
address 192.168.1.200
port 8443
}
original-port 8443
protocol tcp_udp
}
rule 13 {
description "portal redirect pc"
forward-to {
address 192.168.1.200
port 8880
}
original-port 8880
protocol tcp_udp
}
rule 14 {
description otros
forward-to {
address 192.168.8.110
port 999
}
original-port 999
protocol tcp_udp
}
rule 15 {
description OS
forward-to {
address 192.168.8.110
port 1700
}
original-port 1700
protocol tcp_udp
}
rule 16 {
description NEW
forward-to {
address 192.168.8.110
port 500
}
original-port 500
protocol tcp_udp
}
rule 17 {
description DEC
forward-to {
address 192.168.8.110
port 900
}
original-port 900
protocol tcp_udp
}
rule 18 {
description DEC
forward-to {
address 192.168.8.110
port 901
}
original-port 901
protocol tcp_udp
}
rule 19 {
description DEC
forward-to {
address 192.168.8.110
port 902
}
original-port 902
protocol tcp_udp
}
wan-interface pppoe0
}
service {
dhcp-server {
disabled false
hostfile-update disable
shared-network-name CAMARAS {
authoritative disable
subnet 192.168.4.0/24 {
default-router 192.168.4.1
dns-server 192.168.4.1
dns-server 8.8.8.8
lease 86400
start 192.168.4.110 {
stop 192.168.4.150
}
unifi-controller 192.168.1.200
}
}
shared-network-name HOSTPOST {
authoritative disable
subnet 192.168.6.0/24 {
default-router 192.168.6.1
dns-server 192.168.6.1
dns-server 8.8.8.8
lease 86400
start 192.168.6.100 {
stop 192.168.6.130
}
unifi-controller 192.168.1.200
}
}
shared-network-name LAN {
authoritative enable
subnet 192.168.1.0/24 {
default-router 192.168.1.1
dns-server 192.168.1.1
dns-server 8.8.8.8
lease 86400
start 192.168.1.130 {
stop 192.168.1.160
}
static-mapping FER {
ip-address 192.168.1.102
mac-address 74:d4:35:11:ad:e8
}
static-mapping GRABA {
ip-address 192.168.1.110
mac-address 00:18:ae:20:1b:22
}
static-mapping KONICAMINOLTA {
ip-address 192.168.1.69
mac-address 00:20:6b:6a:d1:cb
}
static-mapping UNIFICLOUDKEY {
ip-address 192.168.1.200
mac-address 80:2a:a8:4d:93:60
}
static-mapping UNIFISWITCH {
ip-address 192.168.1.100
mac-address 80:2a:a8:1f:fe:14
}
unifi-controller 192.168.1.200
}
}
shared-network-name PRUEBA {
authoritative disable
subnet 192.168.9.0/24 {
default-router 192.168.9.1
dns-server 192.168.9.1
dns-server 8.8.8.8
lease 86400
start 192.168.9.100 {
stop 192.168.9.120
}
}
}
shared-network-name SAMSUNG {
authoritative disable
subnet 192.168.8.0/24 {
default-router 192.168.8.1
dns-server 192.168.8.1
dns-server 8.8.8.8
lease 86400
start 192.168.8.110 {
stop 192.168.8.115
}
static-mapping UNIF {
ip-address 192.168.8.100
mac-address 44:d9:e7:90:19:85
}
static-mapping vud {
ip-address 192.168.8.110
mac-address 78:44:76:b2:89:15
}
unifi-controller 192.168.1.200
}
}
shared-network-name SER {
authoritative disable
subnet 192.168.2.0/24 {
default-router 192.168.2.1
dns-server 192.168.2.1
dns-server 8.8.8.8
lease 86400
start 192.168.2.201 {
stop 192.168.2.201
}
static-mapping SER {
ip-address 192.168.2.201
mac-address 00:26:55:6e:a9:d4
}
unifi-controller 192.168.1.200
}
}
shared-network-name Sc {
authoritative disable
subnet 192.168.7.0/24 {
default-router 192.168.7.1
dns-server 192.168.7.1
dns-server 8.8.8.8
lease 86400
start 192.168.7.100 {
stop 192.168.7.130
}
unifi-controller 192.168.1.200
}
}
shared-network-name UNIF {
authoritative disable
subnet 192.168.5.0/24 {
default-router 192.168.5.1
dns-server 192.168.5.1
dns-server 8.8.8.8
lease 86400
start 192.168.5.100 {
stop 192.168.5.150
}
static-mapping CAMA {
ip-address 192.168.5.27
mac-address 44:d9:e7:41:19:d7
}
static-mapping UniFIAP-AC-LR {
ip-address 192.168.5.100
mac-address 80:2a:a8:46:47:98
}
unifi-controller 192.168.1.200
}
}
use-dnsmasq disable
}
dns {
dynamic {
interface eth2.60 {
service custom-noip {
host-name n************
login *******************
password ****************
protocol noip
server dynupdate.no-ip.com
}
web dyndns
}
interface pppoe0 {
service custom-noip {
host-name **************
login ******************
password ****************
protocol noip
server dynupdate.no-ip.com
}
}
}
forwarding {
cache-size 150
listen-on eth2
listen-on eth3
listen-on pppoe0
listen-on eth2.50
listen-on eth2.60
listen-on eth0
}
}
gui {
http-port 80
https-port 443
older-ciphers enable
}
nat {
rule 5000 {
description "masquerade for WAN"
outbound-interface pppoe0
type masquerade
}
rule 5002 {
description "masquerade for WAN 2"
outbound-interface pppoe1
type masquerade
}
rule 5003 {
description "Ruter Telefonica "
log disable
outbound-interface eth0
protocol all
type masquerade
}
rule 5004 {
description "Ruter Telefonica 2"
log disable
outbound-interface eth1
protocol all
type masquerade
}
}
ssh {
port 22
protocol-version v2
}
}
system {
conntrack {
expect-table-size 4096
hash-size 4096
table-size 32768
tcp {
half-open-connections 512
loose enable
max-retrans 3
}
}
host-name EDGEMAX
login {
user ubnt {
authentication {
encrypted-password ****************
}
level admin
}
}
name-server 8.8.8.8
name-server 8.8.4.4
name-server 80.58.61.250
name-server 80.58.61.254
ntp {
server 0.ubnt.pool.ntp.org {
}
server 1.ubnt.pool.ntp.org {
}
server 2.ubnt.pool.ntp.org {
}
server 3.ubnt.pool.ntp.org {
}
}
offload {
hwnat disable
ipv4 {
forwarding enable
pppoe enable
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone Europe/Madrid
traffic-analysis {
dpi enable
export enable
}
}