Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    MultiWAN with buggy DHCP Server for one WAN…

    Routing and Multi WAN
    3
    5
    2910
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • 4
      4920441
      last edited by

      Hi,

      I currently try to setup  a  three-wan failover solution. Since we get only very low bandwidth per one ADSL Line but a second ADSL Line isn't very pricy any more I try to do the following:

      WAN -> pppoe to adsl provider
      WAN2/OPT1 -> DHCP to local (internal) Network to a company which gracefully gives us a fragment of their T1 Line
      WAN3/OPT2 -> DHCP to local DSL Provider (local Network with a small 1-Port Router (www.routertech.org) since pfsense in 1.2 stable doesn't support more that one pppoe uplink.

      If I setup all three wan interfaces into a  pool for load balancing, everything seems fine,  except one thing…

      despite I set up my own rules to use the now generated load-balancer gateway, every traffic  runs over the T1 Line.

      While applying the new rule, I also get this error, which at least explains why everything is routed via only one uplink:

      php: : There were error(s) loading the rules: /tmp/rules.debug:131: syntax error pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [131]: pass in quick on $lan route-to { ( ng0 192.168.100.9 ) , ( dc0 192.168.100.9 192.168.100.6 ) } round-robin from 192.168.77.0/24 to any keep state label "USER_RULE: Default LAN -> LoadBalanced LWL/DSL"

      …which is caused - I think - because of the uncommon way of giving TWO defalt gateways by a dhcp reqeuest for the T1…  Or isn't it?

      The even worse thing is, that my WAN connection, which is initiated by pppoe also gets the default gateway of my T1 shared Line...)

      So, my question… is it possible to workaround this problem or do I have to live with it and hope at least the failover switching will work without problems? 
      Since the fragmented T1 is virtually for free, I don't wanna miss it - its synchronous 2 MBit... nice to have, especially for anoter vpn uplink;-)

      Any help would be really appreciated!

      Thanks a lot!

      Uli

      1 Reply Last reply Reply Quote 0
      • P
        Perry
        last edited by

        Why not do the same for your current wan as you did for wan3, Make something else take care of the pppoe.

        /Perry
        doc.pfsense.org

        1 Reply Last reply Reply Quote 0
        • 4
          4920441
          last edited by

          Because another piece of hardware which tends to fail in some time… Okay, I got tripled redundancy, but I have at least two extra pieces of hardware which 'filters' the errors...  Yes off course, that would be a workaround... but I rather like workarounds in soft-, not in hardware;-)

          1 Reply Last reply Reply Quote 0
          • C
            cmb
            last edited by

            this might be related to this, which I haven't had a chance to look into yet.
            http://cvstrac.pfsense.org/tktview?tn=1726,33

            1 Reply Last reply Reply Quote 0
            • 4
              4920441
              last edited by

              Hi,

              maybe it would work if I fix this part of the dhclient script for my needs

              add_new_routes() {
        $LOGGER "Adding new routes"
        $ROUTE add $new_ip_address $LOCALHOST >/dev/null 2>&1

        # Only allow the default route to be overridden if it's on our own interface
#       DEFAULTROUTE_IFACE=`route get default | grep interface | awk '{print $2};'`
        #if [ -z "${DEFAULTROUTE_IFACE}" -o "{$interface}" = "${DEFAULTROUTE_IFACE}" ]; then
                #for router in $new_routers; do
                        #if [ "$new_ip_address" = "$router" ]; then
                                #$ROUTE add default -iface $router
                                #>/dev/null 2>&1
        #                       echo $ROUTE add default -iface $router | $LOGGER
                #               echo $new_routers > /tmp/${interface}_router
                #       else
                        #       $ROUTE add default $router
                        #       echo $ROUTE add default $router | $LOGGER
                        #       #>/dev/null 2>&1
                        #       echo $new_routers > /tmp/${interface}_router
                        #fi
                        # 2nd and subsequent default routers error out, so explicitly
                        # stop processing the list after the first one.
                        #break
                #done
        #fi

              But I am not so sure how I can recognise and separate the second default gatway… which is - as I was told today - isn't a second default gateway at all, it's
              a win2k proxy server whose pdc thinks its a failover dhcp server...

              I don't know why they don't do anything about it... buts it's absolutely worthless to get mad about it...

              1 Reply Last reply Reply Quote 0
              • First post
                Last post