Dual WAN Setup on XG-7100
-
It is a wireless link to our ISP here , about 100 meters away from our office. I think there is another issue , ISP block ICMP protocol , and the ping to the oceanlink gateway blocked , and I asked them last yesterday to allow ping and they did. I checked this morning in pfsense Status->Gateways and there were both online. The 650 ms latency is our normal internet speed from both ISPs here, very slow but we have no choice.
Now that both gateways are online I tested to see if load balance worked by disabling the other gateway (ATHKL) and it did'n work. There are no internet at all. Pfsense did realize that one gateway has gone and jumped to Oceanlink but no internet access.
-
If 650ms is normal for that link then tune the latency values for dpinger by editing the gateway. That way it will only throw an alarm if latency rises unexpectedly high.
How are you using the load-balance gateway? Let's see the rules where that is set.
Steve
-
I use load balance
Floating rules below
Gateway status
-
Hi naalpv
The link did not work. I wonder how you actually did it. Can you fix the link so we can see what configurations you made
-
First Wan connection configurations (default 4090)
Second WAN connection
-
What it that floating rule applied to?
-
floating rules applies to Lan + other vlans created. Beside the floating rules I also set each vlans to use groupgateway instead of the default.
see below for one of the vlans I created
-
Hmm, that floating rule cannot be applied correctly. There are no states and no traffic recorded against it. Instead evetything is hitting the rule on the interface.
However that should work for load-balancing as long as clients are using some DNS server other than Unbound in pfSense.Does it load-balance correct when both WANs are up?
Steve
-
@stephenw10 Are you suggesting to force vlans to use Unbound (pfsense) as the primary DNS and block outside DNS request ?
-
No. I'm saying that if you were doing that then Unbound itself always uses the system default route which will not failover.
But since you're not doing that it shouldn't be a problem.I think you need to confirm both WANs are in fact working. Make sure you can ping out of both from Diag > Ping.
Set a policy route for just WAN2 for one test client IP in LAN and make sure that can still get out and is in fact using WAN2.
Steve
-
Hi
did you manage to setup dual WAN on XG-7100 ? I have not been able to do dual wan setup and I'm about to throw away my new xg-7100 box and switch back to dell server which have 5 physical interfaces since it is my easier to do on it than XG-7100.If you did can you kindly share your knowledge on this ?
I try this link and it brings me to another side ...
http://naalpv.tk/memo/2018/08/24/pfsense-configuration-dual-wan-avec-xg-7100
-
Ragnar has not logged in since Aug 2018 so I think you may be waiting a while!
What part are you stuck on? What's not working?
Did you get the gateway monitoring tuned so both gateways show as on-line?
The XG-7100 part of the config you already had correct. It was the gateway failover part that was working. It would be no better on other harwdare.
Steve
-
Hey! Sorry for not logging in for so long... :) @wintok and @stephenw10
So, yes I did get this running. I had 1gb up/down fiber and 1 gb/40mb up/down cable with failover running.
I've since (sadly) got rid of the cable line so I no longer have 2 WAN connections, however I'm pretty sure that I did not change the config. If you need updates @wintok I'll get some updated screenshots and post them. LMK
-
@stephenw10
I have not given up completely on XG-7100. I did manage to setup dual wan config successfully during the week-end.Happy to share with you guys if you need it.
-
Good to hear.
-
@wintok Can you share with me the configuration of the dual wan on the xg-7100?
I am getting mad with the marvel chip.Best Rehards Tim
-
What problem are you seeing?
Trying to setup a seconds WAN port on the switch?
Steve
-
Yes need to setup 3 additional WAN Ports (totally 4 WAN and 2 LAN Ports) for a fallback and smart rooting.
-
@stephenw10 Forgot to reply direct to you.
Yes I want to setup additional WAN ports on the switch. -
Ok, so, in summary, you need to:
Add a new VLAN on lagg0 from Interfaces > Assign to use as WAN2 for example 4092
Configure the switch to use that new VLAN. You can use the default WAN (4090) as an example here.
On the Switch > Ports tab chage the PVID of the port you want to use to the new ID, for example 4092.
On the Switch > VLAN tab add a new VLAN group with the new ID (4092).
Add to it the port you want to use as untagged and 9 & 10 as tagged.Remove the port you;re using from the LAN vlan group (4091).
We did a hangout on this with a lot more detail:
https://youtu.be/NgRy14rYhV8Steve
