[suggestion] multiple monitor ip

biatche

For gateways to stay up and running, they need to rely on a reliable monitor ip. Most of the time, that's fine, and the very sometimes, it isn't. In my case, me being an incompetent admin if you like, and definitely an incompetent isp, I had a gateway down for quite a long period and i had no knowledge at all. Yes, full of neglect. After many many years, it would turn out that my isp blocked icmp's to the pppoe gateway. I can't quite depend on pinging their dns servers either, cuz they do go down or have high packet loss from time to time. I do have a couple of monitor ips, but I don't know if they are reliable, but what I don't want is to see my gateways go down when the monitor ip's the one that actually goes down. So perhaps by having 2-3 alternate monitor ips, in case the primary goes down for some funny or no reason, I think that'll help with unnecessary outage.

I don't think many here would care for it, since most of you are from the 1st world while I'm in a 3rd, or maybe 4th. Shrugs.

Thanks for reading.

Liath.WW

Actually, this would be useful anywhere if it is even possible.  Even ISP resources in the USA and other places aren't always reliable.  Heck I have to use alternate DNS servers 'cause bellsouth can't manage to keep theirs up and responding in a reasonable time.  Waiting for an hour or two for them to get off their butts and fix stuff isn't in my playbook.

Might be a good feature for pfsense, and if it doesnt' require too much extra coding for the devs, it could be an option.

SeventhSon

I checked out the conf for apinger (the utility that checks the availability of gateways in pfSense).

/var/etc/apinger.conf

and you can add more in:

target "192.168.1.1" {
	description "WAN"
	srcip "192.168.1.4"
	alarms override "loss","delay","down";
	rrd file "/var/db/rrd/WAN-quality.rrd"
}

so we would need:
more rrd files (1 per monitor ip) (?) or just graph the main one?
some more input fields on the gateway page
advanced options per gateway (?)
Some uniform naming of the different IPs to know which IP corresponds to which connection.
Some code to check that AT LEAST one IP responds when one of the IPs fails.

Any more suggestions? I think more people could use this then you imagine! :)

eri--

It will not reach 2.0.
After it it might be feasible.

Veni

@biatche:

[…]So perhaps by having 2-3 alternate monitor ips, in case the primary goes down for some funny or no reason, I think that'll help with unnecessary outage.[…]

I second this motion. Noticed that my monitoring IP for a failover group are not that reliable.

I have a faint memory of that this is possible in 1.2.3.

ldperron

I also have a client that wants this option. Anything I can do to speed this up?

eri--

The only thing to speed up a feature to be implemented is to ask support.pfsense.com.
Surely this means having to pay for it.

In the free development cycle it will come when someone has it in the agenda.