Weird Routing problem.



  • Hi,

    I'm running PFSense 2.3.1-RELEASE-p1 (amd64) on a pair of boxes with two WAN connections in Gateway groups as per the attached diagram.

    I have a routing issue that's causing me to lose what little hair I have left :)

    Traffic from 192.168.1.1 to the Internet using 192.168.1.254 as the gateway goes out of 1.1.1.1 as one would expect (it's the PFSense default route in the routing table). This is Good.

    Traffic from 192.168.1.1 to 2.2.2.100 also gets routed out of 1.1.1.1 and comes back in the ADSL Gateway. This is Bad.

    If I ssh onto either pfsense box and traceroute to 2.2.2.100 it's one hop as you'd expect. There's an entry in the PFSense routing table for the 2.2.2.0 network on igb3 so I would expect any traffic destined for 2.2.2.100 to go out of igb3 but anything coming in on igb0 for 2.2.2.0 doesn't use that route.

    I've spent ages googling and ploughing through the PFSense settings but can't see what would cause this.

    Can anyone point me in the right direction?

    Thanks.


  • LAYER 8 Global Moderator

    What are your firewall rules on your igb0 interface? Are you forcing traffic out a specific gateway?

    You need to have a rule in that interface that allows traffic to get to that 2.2.2 network without going out the gateway.



  • Arrrrrrrrrrrrrrgh!!!!

    Here's the Firewall rules for my LAN (192.168.1.1/24 on igb0):

    and I've just noticed the "IPv4 TCP" in the Protocol column  :-[ which borked my tracerouting.

    Thanks very much for the pointer; I've been staring at it so long I wasn't seeing the obvious.


  • LAYER 8 Global Moderator

    Yeah, that happens sometimes ;)  So you're all sorted now?



  • Yes I am. Thanks.
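
An added illustration of the behaviour discussed in this thread, not code or configuration from any of the posters: a small Python model of first-match LAN rules in which a rule with a gateway set overrides the routing table. The rule sets, the /24 mask on 2.2.2.0, the `WAN1_GW` and `wan1` names, and the assumption that the TCP-only entry was the bypass rule are all constructed for the example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed model of the routes described in the thread.
# The /24 on 2.2.2.0 and the names "wan1" / WAN1_GW are assumptions.
ROUTES = [
    (ipaddress.ip_network("192.168.1.0/24"), "igb0"),
    (ipaddress.ip_network("2.2.2.0/24"), "igb3"),
    (ipaddress.ip_network("0.0.0.0/0"), "wan1"),
]

@dataclass
class Rule:
    proto: str               # "tcp", "udp", "icmp" or "any"
    dst: str                 # destination network in CIDR form
    gateway: Optional[str]   # None = no policy routing, use the routing table

    def matches(self, proto, dst_ip):
        return (self.proto in ("any", proto)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst))

def route_lookup(dst_ip):
    """Longest-prefix match over ROUTES; returns the egress interface."""
    addr = ipaddress.ip_address(dst_ip)
    best = max((net for net, _ in ROUTES if addr in net), key=lambda n: n.prefixlen)
    return dict(ROUTES)[best]

def egress(rules, proto, dst_ip):
    """First matching rule wins; a rule with a gateway skips the routing table."""
    for rule in rules:
        if rule.matches(proto, dst_ip):
            return f"policy:{rule.gateway}" if rule.gateway else route_lookup(dst_ip)
    return "blocked"  # nothing matched: default deny

POLICY = Rule("any", "0.0.0.0/0", "WAN1_GW")              # forces traffic out a gateway
only_policy = [POLICY]                                    # no bypass rule at all
tcp_bypass = [Rule("tcp", "2.2.2.0/24", None), POLICY]    # bypass limited to TCP
any_bypass = [Rule("any", "2.2.2.0/24", None), POLICY]    # bypass for every protocol

if __name__ == "__main__":
    cases = [("policy only", only_policy), ("TCP-only bypass", tcp_bypass),
             ("any-protocol bypass", any_bypass)]
    for name, rules in cases:
        for proto in ("tcp", "udp", "icmp"):
            print(f"{name:20} {proto:5} -> {egress(rules, proto, '2.2.2.100')}")
```

With the TCP-only bypass, UDP and ICMP probes to 2.2.2.100 still fall through to the policy rule, so a traceroute keeps showing the gateway path even though TCP connections already use igb3.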

