pfSense 2.8.0: Sticky Connections in Dual-WAN Setup Not Maintaining Source Tracking
-
Hello Community,
After recently upgrading to pfSense 2.8.0, I've encountered an issue related to source tracking entries in a dual WAN configuration.
Under System > Advanced > Miscellaneous, the "Use sticky connections" option is enabled (though I've also tested with it disabled and re-enabled), but I am noticing that source tracking entries are not being maintained as expected. In previous versions, enabling sticky connections ensured consistent outbound gateway selection per source IP, with source tracking entries reflecting this behavior.
Current Behavior:
- With or without "Use sticky connections" enabled, source tracking table is empty.
- This affects connection consistency across WAN interfaces, potentially impacting applications sensitive to IP changes.
- I have verified that my policy routing and gateway group configuration remain unchanged since the upgrade.
- The issue appears to persist across reboots and interface resets.
Environment Details:
- fSense version: 2.8.0-RELEASE (amd64)
- Dual WAN (WAN1 + WAN2) with Gateway Group for load balancing (both Tier 1)
- "Use sticky connections": Checked
- Outbound NAT: Automatic
- State Policy: Interface Bound States
- No custom modifications to source tracking timeouts
I'd appreciate any insights or recommendations for troubleshooting further or confirming whether this is a bug.
Thank you in advance!
-
@E-I
I'll second that.
I get the same issue. -
@E-I Chill Guy Clicker said in pfSense 2.8.0: Sticky Connections in Dual-WAN Setup Not Maintaining Source Tracking:
Hello Community,
After recently upgrading to pfSense 2.8.0, I've encountered an issue related to source tracking entries in a dual WAN configuration.
Under System > Advanced > Miscellaneous, the "Use sticky connections" option is enabled (though I've also tested with it disabled and re-enabled), but I am noticing that source tracking entries are not being maintained as expected. In previous versions, enabling sticky connections ensured consistent outbound gateway selection per source IP, with source tracking entries reflecting this behavior.
Current Behavior:
- With or without "Use sticky connections" enabled, source tracking table is empty.
- This affects connection consistency across WAN interfaces, potentially impacting applications sensitive to IP changes.
- I have verified that my policy routing and gateway group configuration remain unchanged since the upgrade.
- The issue appears to persist across reboots and interface resets.
Environment Details:
- fSense version: 2.8.0-RELEASE (amd64)
- Dual WAN (WAN1 + WAN2) with Gateway Group for load balancing (both Tier 1)
- "Use sticky connections": Checked
- Outbound NAT: Automatic
- State Policy: Interface Bound States
- No custom modifications to source tracking timeouts
I'd appreciate any insights or recommendations for troubleshooting further or confirming whether this is a bug.
Thank you in advance!
This certainly sounds like an unintended change or bug in the source tracking mechanism introduced in pfSense 2.8.0. Since your configuration has not changed and the problem persists even after trying toggling sticky connections on/off, rebooting and resetting the interface, a misconfiguration can be ruled out. The fact that the source tracking table is always empty suggests that the sticky connection mechanism may not be working as expected. You should consider filing a bug report or checking to see if other users are experiencing the same problem on the Netgate forums or Redmine bug tracking system.