Multi-WAN "failover" config not recovering (pfSense 2.3.2)
-
I have two WAN connections: one DSL and one Cable. The DSL service provides a static, routed /28, and the cable service has the usual single DHCP-assigned IP address.
My configuration has a few routing groups configured:
- DSL preferred
- cable preferred
- balanced
The two "preferred" groups have the preferred service set as Tier 1, and the other as Tier 2. Balanced has both services set as Tier 1. Trigger levels for all three are "member down".
This is probably not important but, for completeness, all outbound traffic on the cable service is NAT'd; on the DSL service, only traffic with a source address in RFC1918 blocks is NAT'd.
My firewall rules send any traffic with a source address in the routable /28 to the "DSL preferred" gateway group. The intent is that those hosts should always use the DSL, unless it's down, in which case they should get NAT'd out the cable service.
This works under normal "everything works" conditions, and works as expected when the DSL service goes down. However, when the DSL service recovers, new connections from hosts in the routed /28 still get routed out the cable service. So far, the only thing I've found I can do to get the routes to move back is to reboot the pfSense box.
I fully expect already-open connections to continue to be routed out the cable service in these conditions, but I expect that new connections should cause pfSense to find that the DSL service is operating, and prefer that service for the newly opened connection.
What should I be looking at to troubleshoot this? Or have I misunderstood the behaviour of routing groups and the tier settings?
-
-
I found that failover shifts to the default gateway after 10 minutes. I am not able to reduce this time period.