Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Default gateway with many Lan a multiwans

    Scheduled Pinned Locked Moved Routing and Multi WAN
    13 Posts 5 Posters 3.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ?
      Guest
      last edited by

      Hm, I am wondering why you will not be using the laod balancing modus and go either with the fail over modus
      instead of!? if you configure load balancing you get both variants in one solution, please correct me if I am wrong!

      If you set up the both WAN ports and also policy based routing and then one WAN line fails, the entire
      load will be pushed over the other WAN interface, but if both WAN interfaces are up, you profiting from
      them both also.

      1 Reply Last reply Reply Quote 0
      • T
        tobiascapin
        last edited by

        This can be interesting… but can I choose (for some rules) to force a specific gw? For example I need to route the smtp traffic to my smtp provider by a specific interface, not from both.

        1 Reply Last reply Reply Quote 0
        • H
          heper
          last edited by

          yes, firwall rules work from TOP–>DOWN  (first match, wins)

          so this would work:

          
          1) source:any   destination:smtp   gateway: isp1
          .
          .
          .
          5) source any  destination:any   gateway: loadbalance_gw
          
          

          this would not get the correct result:

          
          .
          .
          .
          5) source any  destination:any   gateway: loadbalance_gw
          6) source:any   destination:smtp   gateway: isp1
          
          
          1 Reply Last reply Reply Quote 0
          • T
            tobiascapin
            last edited by

            If I understand the loadbalancer is a good idea, but this do not solve the problem: I need to set all ruote lan to lan with "default" as gateway setting to let pfsense use the default routing table.

            1 Reply Last reply Reply Quote 0
            • ?
              Guest
              last edited by

              @tobiascapin:

              If I understand the loadbalancer is a good idea, but this do not solve the problem: I need to set all ruote lan to lan with "default" as gateway setting to let pfsense use the default routing table.

              This depends on what kind of way you are using the load balancing mode.

              • policy based routing
              • service based routing
              • session based routing

              Would be the most common way to realize it clean and stable.

              1 Reply Last reply Reply Quote 0
              • T
                tobiascapin
                last edited by

                Thanks you… I will check for it

                1 Reply Last reply Reply Quote 0
                • H
                  heper
                  last edited by

                  @tobiascapin:

                  If I understand the loadbalancer is a good idea, but this do not solve the problem: I need to set all ruote lan to lan with "default" as gateway setting to let pfsense use the default routing table.

                  you just need to prevent that traffic from LAN1 –> LAN2 doesn't  go over the loadbalancer right ?

                  -create an alias that includes ALL your LAN subnets

                  -add on the lan1/2/3 a firewall rule on TOP that states: source:any | destination: your_alias | gateway: *

                  1 Reply Last reply Reply Quote 0
                  • T
                    tobiascapin
                    last edited by

                    I may set the loadbalancer for all destination NOT in this local-subnets alias? Am I right?

                    1 Reply Last reply Reply Quote 0
                    • H
                      heper
                      last edited by

                      yes, that would work also.

                      1 Reply Last reply Reply Quote 0
                      • T
                        tim.mcmanus
                        last edited by

                        @tobiascapin:

                        This can be interesting… but can I choose (for some rules) to force a specific gw? For example I need to route the smtp traffic to my smtp provider by a specific interface, not from both.

                        I do this because I have one WAN interface with static IPs and the other is DHCP.  SpamHAUS blocks SMTP from my ISP's DHCP block (for obvious reasons), so I need to force traffic from that server out the one interface.  This is the rule I have in place to do that (see attached).

                        The server is on the LAN which has a different default gateway, and WAN2GW has the static assignment.  So I created a rule that says all outgoing traffic must use that gateway.  Works like a charm.

                        ![Screen Shot 2015-07-17 at 6.25.58 PM.png](/public/imported_attachments/1/Screen Shot 2015-07-17 at 6.25.58 PM.png)
                        ![Screen Shot 2015-07-17 at 6.25.58 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2015-07-17 at 6.25.58 PM.png_thumb)

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.