@brucexling as far as general latency I think that should be fine. DNS lookups are pretty quick and if you’re using a forwarder as you say, the cached response from the authoritative server should be fast too. In general, if it ain’t broke, leave it the hell alone. 😅

can anyone confirm or deny?

the identical problem exists with v2.5.1 for me...

--
Dennis

We're also experiencing this issue (https://forum.netgate.com/topic/164671/bug-dhclient-flushes-static-routes). Our current theory is that the DHCP client is to blame.

A workaround it so go static: set the interfaces configuration to static and also set the gateway manually. We stopped having this issue after that.

Hello

Yes, it is for iptv.

right now i have stopped digging around this project.

At the moment i am diving a bit deeper in zeek, ... .. .

regards Thiamata

@johnpoz said in Navigate from lan to wan:

Wasn't really specific about pfsense lan mask, I was more curious to your pc mask.. Thinking 10.0.0.2 was local. For example if you had set a static IP on say a windows machine and you start the ip with 10 it defaults to a /8 mask..
Should of been more clear in validating pc vs just pfsense settings.. If your wan and lan overlapped on pfsense you could of had more issues - like no internet at all for clients.
Which would of prevented the pc from getting to 10.0.0.x since it would of thought it local and never sent the traffic to pfsense.

Thank you Johnpoz, I'm learning about it ;)
thank you so much

have a good day

@gertjan Thank you! It works now ... Should've known that, won't make that mistake again!

@viragomann Thanks for the help! Everything works perfectly now!

@mrhomelabber Bump

@rivarda I have no idea.

@perfectbake420 said in Bringing in second Static WAN, need to route to 1 device:

Do you know of any issues with 2.5.2 RC since it is not a stable release?

No. There might be some threads in the upgrade section or some tickets in Redmine: https://www.redmine.org/versions/84.

@vlan1 said in Mapping WAN IP's from a VPS directly to local Host ?:

The question for me is, how do I assign the pfsense my WAN IP's ?

The WAN IPs have to stay on the VPS, where you run an OpenVPN server. Your pfSense connect to this server and set it as default gateway.
So any outgoing upstream packet from your home is dericted over the vpn and goes out to the internet with the static public IP of VPS.

The other way around you can use the public IP for your services like you do already, but incoming traffic on the VPS is forwarded directly to your server at home.
So you have only one time to nat the traffic in each direction like you was having the VPS public IP at home.

@ironwood
Yes, if you have a policy routing rule on an interface you have add an additional route for permiting internal traffic above of it.
This also concerns access to services provided by pfSense itself like DNS.

We haven't seen any failures with UDP in our internal testing of reply-to on 2.5.2-RC. The fix in pf was not specific to TCP, so it's unlikely to be related to whatever problem you're seeing with that PBX.

It's probably due to https://redmine.pfsense.org/issues/11296

You can revert the change there or disable gateway monitoring/monitoring actions for the gateway which is the target of the route and see if it helps.