Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Bug with gateway monitoring and topology /30

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 684 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      daviddst
      last edited by

      Hi,

      With a OpenVPN client and /30 topology, local IP is localhost address and remote IP is gateway address.

      When gateway monitoring is enabled, pinger monitor only local IP address, so, it's impossible to detect a packet loose or latency.  Sometime, tunnel is up but no traffic pass in the tunnel (trouble on server or client), pinger is unable to detect the problem and load balacing not work.

      pfSense should use remote IP for monitoring gateway instead of local local IP address (gateway can't fixed with dynamic allocation) ?

      Another problem, the remote host on Status/OpenVPN/Client Instance Statistics is not correctly updated. If I start/stop the tunnel, Virtual Addres is updated, but not Remote Host. I don't know if remote host is use for something else.

      Regards,

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        With /30 topology the server address in the /30 is completely virtual and often cannot be pinged. You have to set your own monitor IP address for that case, it can't be automatically determined in a reliable way.

        For the status, that is pulled directly from OpenVPN's management interface. If it's wrong, it's a bug or quirk in OpenVPN's behavior, so you'll have to raise the issue upstream with OpenVPN directly.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • D
          daviddst
          last edited by

          @jimp:

          With /30 topology the server address in the /30 is completely virtual and often cannot be pinged. You have to set your own monitor IP address for that case, it can't be automatically determined in a reliable way.

          I can't set the gateway manually because the gateway change at each connexion. Again, it's usefull to ping local IP address, it could be nice if user sould be able to choose dynamic remote address.

          @jimp:

          For the status, that is pulled directly from OpenVPN's management interface. If it's wrong, it's a bug or quirk in OpenVPN's behavior, so you'll have to raise the issue upstream with OpenVPN directly.

          You're right, I confirm the IP address is wrong in OpenVPN interface, I'll check with openvpn project.

          For that moment, do you know if it's possible to push the new gateway IP address manually to pinger with a script (without pfSense GUI) ?

          Thank you,

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.