3G outbound failover not working
-
I would like to use a 3G modem connection as outbound automatic failover connection (ADSL is configured as primary wan), but I am not able to make it working.
I configured the 3G modem (Huawei E180) in Interfaces-PPPs, then I added a "3G" gateway in System-Routing-Gateways and I created a "GW_Failover" gateway group in System-Routing-Gateway Groups, adding Wan (Tier1) and 3G (Tier2).
Then I assigned "GW_Failover" to the Lan outbound rule in Firewall-Rules-Lan as explained at http://forum.pfsense.org/index.php/topic,10407.0.html.What I expected:
bringing down the primary Wan (ADSL), the 3G modem should become active (dial up) and the traffic should be routed through the 3G connection. When the primary ADSL connection comes up again, the 3G modem should disconnect and the traffic should be routed through the ADSL connection. I don't need balancing, just failover.What really happens:
bringing down the primary Wan (ADSL), the 3G modem remains idle and the internet connectivity is lost.
If I succeded (in whatever manner) to make the 3G modem dialing up, all the traffic is router through the 3G connection, and the internet connectivity is restored, but when the primary ADSL connection comes up again, the 3G modem remains connected.
I didn't find any way to bring down 3G connection….. the disconnect button available in Status-Interfaces doesn't work.
I tried also to configure automatic gateway or a fixed one to the 3G interface, but I got the same behaviour.Here is my configuration:
System-Routing-Gateways:
WAN (default) WAN 192.168.100.1 192.168.100.1 Interface WAN Dynamic Gateway
3G 3G Dynamic 193.204.114.105 Interface 3G Dynamic GatewaySystem-Routing-Gateways Groups:
GW_Failover WAN Tier1
3G Tier2Firewall-Rules-LAN:
ID Proto Source Port Destination Port Gateway Queue Schedule Description
* * * LAN Address 22 * * Anti-Lockout Rule
80
443
* LAN net * * * GW_Failover None Allow All (LAN -> Any)What is going wrong?
-
Any suggestions? :(
-
Currently there is no way in having 3G modems stay unconnected.
It needs the connection up to send icmp(ping) probes to the monitor ip. -
Than you for you help!
I think this is a strange behaviour….... generally, 3G connectivity is not "flat". It does not make sense to keep a 3G connection always on :-( Is this a bug?
I currently use several commercial routers with 3G support and they always consider 3G modems as a dial-up connection. I you use a 3G modem as a failover connection this must be on only when needed (on-demand)!I also tried to put a checkmark on "dial-up" in the advanced settings, but this seems to be ineffective.
Analyzing system's log I found a message like "Gateway is invalid - Ignored" appearing after the primary wan goes down. It doesn't sound good, but apparently I cannot find anything wrong......
-
I've used 3g backup connections on a number of commercial applications and, for our ISPs, there is no cost involved in keeping a permanent connection. So I've allways configured the backup link as allways on.
The downside, and I've witnessed this time after time, with only having a backup link connect when the primary fails is you don't know if the backup link is going to fail until it's to late.
By keeping the backup link active at all times you can monitor it for failure just like the primary link and then you have opportunity to do something about it before it's needed.
The classic failure mode on 3G backup links is the sim card expiring because no one thought to renew it.
ymmv. -
Well we monitor the link to know its up.
The only improvement i can agree is needed is just that the monitoring on the 3G link should start only when traffic starts passing through it and not send constant pings through the 3G side.
And IMO its the only improvement needed since as stated it does not add any cost. -
Hum….. unfortunately most of our 3G contracts are not "flat" and you are charged for the time you stay connected (often in 15' chunks). This means if you connect and you drop the connection after 10'' you are charged 15', if you stay on 16', you are charged 30'. This is the standard in Italy...... :-(
All 3G routers I know use 3G modems as a dial-up connection to be on only when needed because a 3G failover connection always on is completely useless if you have this kind of contract. I hope that this feature will be implemented soon.... -
@ermal:
Currently there is no way in having 3G modems stay unconnected.
It needs the connection up to send icmp(ping) probes to the monitor ip.I don't understand…....
Ermal, can you please explain me what are used for the following options in PPP Advanced options (Dial on demand - Idle timeout)?
They look like just what I need, but they are not working....
-
Dial on demand is the one required for not having it on.
But the monitoring utility that is on backround always sends ping through the the 3G that is why they seem to not work.I think you can open a Feature request on redmine.pfsense.org for 2.1
-
@ermal:
Well we monitor the link to know its up.
The only improvement i can agree is needed is just that the monitoring on the 3G link should start only when traffic starts passing through it and not send constant pings through the 3G side.
And IMO its the only improvement needed since as stated it does not add any cost.I totally agree.
I also use the 3G failover and with only pinging all day long, 5mb of traffic is generated!
I only have a 500mb a month dataplan, so this is not going to work for me.
Without any regular traffic my dataplan is used up.Does someone already has opend a ticket?
-
I don't agree….... in Italy you pay for the TIME you stay connected, not for generated traffic!
All known routers supporting 3G modems work like I am asking for.....I opened a feature request:
http://redmine.pfsense.org/issues/1388