Question about why both WANS stop working when only 1 is unplugged
-
I have cable and dsl going into my pfsense router.
I have simple policy based rules, not really any traffic shaping.
like I have 192.168.9.91~95 go over cable
and 192.168.9.96 go over dslAnd a couple computers in 91~95 go over dsl for certain port ranges.
My question is this, say like I unplug WAN2 (dsl), everything stops working. To test, I had one of my computers completely routed through WAN(cable). I then unplugged wan2 (dsl), and even the computer that was set to use only WAN did not work when WAN2 was unplugged.
Is there any way around this? I could not find any tutorials about this, I dont think I'm really looking to set up failover (although that might be nice), I just want the existing WAN to work when one of them is unplugged. I am not sure if this is possible.
thanks in advance,
Zack -
does the LB status show that both are down? If so you probably have the monitor IPs set up wrong.
-
Hey, sorry about my ignorance.
What is the LB status and what are the monitor IPs?
thanks,
Zack -
(Load Balancer = LB)
Sorry Zack, I am trying to get my Load Balancer working (its driving me crazy!) and so I assumed you were using the same stuff.Do both WANs stop when you unplug any of the modems? I suspect that only one of your WANs is working anyway.
Which version of the software are you using (the System page in the menu will display this)?
To help debug the rules runningcat /tmp/rules.debug
would help.
-
I know that both of my WANS are working because I go to www.showmyip.com
and the computer routed over dsl is different than the computer routed over cable.They both work when they are plugged in, the problem is when I unplug one of them, it stops working on both of them. So say I unplug my dsl, even my computers going through cable can no longer access the internet.
Zack
-
Maybe DNS is misconfigured. If I remember correctly you need to have static routes to make sure that requests to your ISPs DNS server goes out correctly - policy based routing does NOT work for requests from the firewall itself.
-
@sai:
Maybe DNS is misconfigured. If I remember correctly you need to have static routes to make sure that requests to your ISPs DNS server goes out correctly - policy based routing does NOT work for requests from the firewall itself.
That is correct.
-
Quickguide:
At system>general, use one DNS from WAN, one from WAN2. Then add a static route at system>static routes to <dns of="" wan2="">/32 to your wan2 interface with gateway <wan2 gateway="">. That should fix it.</wan2></dns> -
what should I put as WAN2 gateway? the IP address of WAN2?
-
the gateway of WAN2. You can see it at status>interfaces.
-
Thanks, I got it working now.
I dont have 3 WANS at the moment, but would it be possible to do policy based with 3 WANS using pfsense. I ask because in system->general, there is only spots for two dns servers.
thanks,
Zack -
In general yes. Unless the 2 lines with the dns server fail simultaneously you would be ok. I think you can add a 3rd, 4th, … DNS through hidden config.xml settings too (download your config.xml and duplicate a dns setting and add another dns server there).
-
Hi
i ve the same problem than described above .
:PI ve made a load balencer pool based on 2 wan (static IP )
Load balencer work very well , (i ve putted rules in wan and wan2 for emule , then high id )I m using opendns (that give me 2 dns adress , opendns work very well , better than mines isp ones ::) )
then i ve filled first DNS field in :System > general > two dns server's field and unchecked the "Allow DNS server list to be overridden by DHCP/PPP on WAN
"and not in the dns forwarder , …..
Then , when 1 wan is unplunged , the total group is down ?! ???
an idea ?
-
Gulgux,
What do you mean by " the total group is down" ? Do you mean that you cannot browse or that the link is down (and you cannot ping the gateway of the second link that is up?
If you cannot browse then may be it is due to DNS server not being accessible. You need to make a static route so that the second DNS server is connected to via the second Link.
-
exactly , can't have a dns resolve in fact .
the second member in the group seem to be still working (emule traffic is okay )then , yes, dns problem …
i will try to put a static route , then i must put a static route on wan2 ?regards
-
system>static routes:
add a route like "Interface OPT-WAN, subnet <dns-server at="" opt-wan="">/32, gateway <opt-wan-gateway>Then male sure you use this DNS at system>general as one of your dns servers (one from WAN and one from OPT-WAN).</opt-wan-gateway></dns-server> -
thanks ! ;)