Upload not working on GW_Failover
-
That should be OK.Then the next thing I would test is connecting the 4G router directly to pfSense to eliminate the switch as an issue.
Throttling to that extent is usually something low level like a bad port or cable.
-
@stephenw10 ok i tried and it works right:
by connecting the ZTE directly in the WAN port and giving it the 192.168.8.3 IP address.
Are you sure it's not something with some firewall rule? Because even trying on a different cable, port and switch it behaves the same
now i had to give him an OPT1 interface and set it up in static IPv4, while in my config was setup as an IP address in my LAN network like this:
because i thought that by doing so i wouldn't need to set up VLANs -
I tried to reconfigure the GW-Failover as i did before, and it still behaves the same, but if i run a speedtest from the firewall it works just right...
So i think it's something blocking traffic from LAN but i don't know what can be -
Oh it was in your LAN subnet?
In that case it's almost certainly an asymmetric routing problem. You can't have two gateways and hosts all the same subnet like that.
https://docs.netgate.com/pfsense/en/latest/troubleshooting/asymmetric-routing.html
You need to put the 4G router on a separate interface. That could be a VLAN if you don't have any spare NICs.
Steve
-
@stephenw10 unfortunatelly i cannot use VLANs because the ZTE with stock firmware isn't capable of use them.
I try to see if the firewall fix works thanks
I don't know if it's this the rule that it's said in the documentation
If yes, then the automatic fix doesn't work, i try the manual. -
The modem doesn't need to support VLANs as long as the switch does. The only part that would be VLAN tagged is between the pfSense LAN NIC and the switch.
-
@stephenw10 yes my keenetic AP supports VLAN tag.
I tried to do the manual fix with the LAN and the floating rule and it works
,
now i only need to try to set up codelQ to limit the speed to 30/30 so i can get decent bufferbloat even with the backup connection.
I tried to set up a VLAN this morning but i think i misconfigured something and it wasn't working
-
It would be much better to use a separate VLAN interface than using the workaround firewall rule if you can. Without VLANs you are still using asymmetric routing just masking the issue. But I'd almost guaranty it will come back to bite you at some point.
Steve
-
@stephenw10 i know, but i've never used VLANs before and when i tried this morning i think i messed up something, i'll see some documentation/ tutorial on how to use them and i'll try.
Are you sure the static route problem won't cause problem even with a VLAN?
Thank You. -
Using the VLAN eliminates the asymmetry. All traffic to and from the 4G router then has to go through pfSense via the LAN and VLAN interfaces. Currently traffic can go directly between the 4G router and LAN hosts without going through pfSense.
-
@stephenw10 yes i think tomorrow i'll work on that, because right now my PPPoEv4 isn't letting any traffic through so i think i messed something. Even setting it up as gateway it doesn't work.
(my v6 PPPoE comes from the v4)
luckily i had a backup and restored it LOL. -
@stephenw10 Hi, i resume this thread to say that i configured correctly the VLAN and now the failover works perfectly also i configured CodelQ with a 30Mbit limiter (BTW Thank You), there's only a little thing that annoys me: my backup Sim changes IP every 4 hours so the firewall sends me 2 messages like these:
Is there a way to turn off notifications on that gateway and at the same time keeping the monitoring on to detect if it works or not? -
Not within the pfSense GUI. It always notifies about gateway events. And you need the gateway monitoring and actions enabled to make sure failover works correctly.
You could assume it's always up and disable monitoring actions on the 4G router gateway. That might be acceptable. -
@stephenw10 said in Upload not working on GW_Failover:
Not within the pfSense GUI
is it possible via CLI?
Otherwise i can see if i can do something through the telegram bot or i'll do the always up. -
Anything is possible with code!
But it not something I'm familiar with. There have been calls for better granularity in notifications. There might be some examples in the forum.
-
@stephenw10 well, guess i have to find what's the code PFsense uses to send telegram messages. Thank You
I did it!
I added the stringif (str_contains($data["text"],"LTE_Backup_VLAN")) return 0to the etc/inc/
/notices.inc file and it works, it doesn't send me messages about that gateway but still monitors it, but still checking if everything works. -
@GiaNN i'll do some other testing because it seems that so It won't send any message besides the test one
