Routing problem
-
Right now I have 2 VDSL2 connections with a fixed IP:
- VDSL01 (WeePee) : 217.145.41.xxx (rDNS : openweb.gw.be.it2go.eu)
- VDSL02 (edpNET) : 85.234.198.yyy (rDNS : edpnet.gw.be.it2go.eu)
At that last ISP I also have a routed subnet : 85.234.197.zzz/26.
The first connection (WeePee/Openweb) is used for normal internet traffic, the second one (edpNET) is for my servers. So normally all my traffic goes through weepee/openweb, and all server traffic goes through the edpnet connection.
Everything works great… everything that I connect to the internet uses the openweb gateway and every server is reachable using the edpnet interface, BUT: when I do a traceroute to an IP of my routed subnet (e.g. 85.234.197.1 or hostname "s01.be.it2go.eu") I get this:
C:\Documents and Settings\Krisken>tracert 85.234.197.1
Bezig met het traceren van de route naar s01.be.it2go.eu [85.234.197.1]
via maximaal 30 hops:
1 1 ms 1 ms 1 ms 172.17.95.251
2 1 ms 1 ms 1 ms 192.168.99.1
3 1 ms 1 ms 1 ms 193.191.170.28
4 1 ms 1 ms 1 ms ge.ar1.gntste.belnet.net [193.191.7.89]
5 5 ms 4 ms 4 ms 10ge.cr1.brueve.belnet.net [193.191.17.49]
6 6 ms 5 ms 5 ms edpnet.bnix.net [194.53.172.89]
7 6 ms 6 ms 6 ms router01.sn.edpnet.net [212.71.1.61]
8 6 ms 6 ms 6 ms 212.71.17.2.res.static.edpnet.net [212.71.17.2]
9 37 ms 26 ms 40 ms openweb.gw.be.it2go.eu [217.145.41.147]
10 38 ms 53 ms 52 ms s01.be.it2go.eu [85.234.197.1]
De trace is voltooid.
See the 9th hop : it is my first ISP (for normal internet connectivity), not my EDPnet line!
Does someone have an idea how I can fix this?
-
You might want to change your public IPs to xx's and yy's.
I didn't get the idea, what is the problem?
-
See hop number 9 in the traceroute. That should be "edpnet.gw.be.it2go.eu" (my connection with the routed /26) and not "openweb.gw.be.it2go.eu".
I don't know if that is possible, but it seems that pfSense receives the request using the edpnet connection, and sends the answer using the openweb connection?
-
What rules do you have concerning that routed location? Asymmetric routing shouldn't work with SPI, meaning that sending traffic from GW-A and receiving to GW-B should not be working.