• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

MultiWAN with buggy DHCP Server for one WAN…

Scheduled Pinned Locked Moved Routing and Multi WAN
5 Posts 3 Posters 3.0k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • 4
    4920441
    last edited by Aug 1, 2008, 7:53 AM

    Hi,

    I currently try to setup  a  three-wan failover solution. Since we get only very low bandwidth per one ADSL Line but a second ADSL Line isn't very pricy any more I try to do the following:

    WAN -> pppoe to adsl provider
    WAN2/OPT1 -> DHCP to local (internal) Network to a company which gracefully gives us a fragment of their T1 Line
    WAN3/OPT2 -> DHCP to local DSL Provider (local Network with a small 1-Port Router (www.routertech.org) since pfsense in 1.2 stable doesn't support more that one pppoe uplink.

    If I setup all three wan interfaces into a  pool for load balancing, everything seems fine,  except one thing…

    despite I set up my own rules to use the now generated load-balancer gateway, every traffic  runs over the T1 Line.

    While applying the new rule, I also get this error, which at least explains why everything is routed via only one uplink:

    php: : There were error(s) loading the rules: /tmp/rules.debug:131: syntax error pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [131]: pass in quick on $lan route-to { ( ng0 192.168.100.9 ) , ( dc0 192.168.100.9 192.168.100.6 ) } round-robin from 192.168.77.0/24 to any keep state label "USER_RULE: Default LAN -> LoadBalanced LWL/DSL"

    …which is caused - I think - because of the uncommon way of giving TWO defalt gateways by a dhcp reqeuest for the T1…  Or isn't it?

    The even worse thing is, that my WAN connection, which is initiated by pppoe also gets the default gateway of my T1 shared Line...)

    So, my question… is it possible to workaround this problem or do I have to live with it and hope at least the failover switching will work without problems? 
    Since the fragmented T1 is virtually for free, I don't wanna miss it - its synchronous 2 MBit... nice to have, especially for anoter vpn uplink;-)

    Any help would be really appreciated!

    Thanks a lot!

    Uli

    1 Reply Last reply Reply Quote 0
    • P
      Perry
      last edited by Aug 1, 2008, 8:10 AM

      Why not do the same for your current wan as you did for wan3, Make something else take care of the pppoe.

      /Perry
      doc.pfsense.org

      1 Reply Last reply Reply Quote 0
      • 4
        4920441
        last edited by Aug 1, 2008, 7:12 PM Aug 1, 2008, 5:41 PM

        Because another piece of hardware which tends to fail in some time… Okay, I got tripled redundancy, but I have at least two extra pieces of hardware which 'filters' the errors...  Yes off course, that would be a workaround... but I rather like workarounds in soft-, not in hardware;-)

        1 Reply Last reply Reply Quote 0
        • C
          cmb
          last edited by Aug 2, 2008, 5:36 AM

          this might be related to this, which I haven't had a chance to look into yet.
          http://cvstrac.pfsense.org/tktview?tn=1726,33

          1 Reply Last reply Reply Quote 0
          • 4
            4920441
            last edited by Aug 9, 2008, 9:37 PM

            Hi,

            maybe it would work if I fix this part of the dhclient script for my needs

            add_new_routes() {
        $LOGGER "Adding new routes"
        $ROUTE add $new_ip_address $LOCALHOST >/dev/null 2>&1

        # Only allow the default route to be overridden if it's on our own interface
#       DEFAULTROUTE_IFACE=`route get default | grep interface | awk '{print $2};'`
        #if [ -z "${DEFAULTROUTE_IFACE}" -o "{$interface}" = "${DEFAULTROUTE_IFACE}" ]; then
                #for router in $new_routers; do
                        #if [ "$new_ip_address" = "$router" ]; then
                                #$ROUTE add default -iface $router
                                #>/dev/null 2>&1
        #                       echo $ROUTE add default -iface $router | $LOGGER
                #               echo $new_routers > /tmp/${interface}_router
                #       else
                        #       $ROUTE add default $router
                        #       echo $ROUTE add default $router | $LOGGER
                        #       #>/dev/null 2>&1
                        #       echo $new_routers > /tmp/${interface}_router
                        #fi
                        # 2nd and subsequent default routers error out, so explicitly
                        # stop processing the list after the first one.
                        #break
                #done
        #fi

            But I am not so sure how I can recognise and separate the second default gatway… which is - as I was told today - isn't a second default gateway at all, it's
            a win2k proxy server whose pdc thinks its a failover dhcp server...

            I don't know why they don't do anything about it... buts it's absolutely worthless to get mad about it...

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
              This community forum collects and processes your personal information.
              consent.not_received