4. Failover apparently not working

Failover apparently not working

  • P

    Hi,

    I have installed a failover and load balance pfSense firewall with two WAN interfaces and one LAN.

    Everything seems to be working quite well, but when I take offline one of the WAN interfaces, although I can still access internet, the firewall rule of the failover group does not seems to get any traffic, and the load balance one seems to be receiving all the traffic.

    So in other words, I have one loadbalance rule and two failover rules, but in every situation apparently only the loadbalance rule is working as it increments its counters no matter wich wan interface is online or if both are online, so I'm not sure if the failover is really working or just the loadbalance rule is getting all the traffic through just one interface.

    0
  • L

    Same here, the "take wan offline" is a good test that shows that failover doesn't correctly work.

    0
  • Netgate

    [qupte]
    So in other words, I have one loadbalance rule and two failover rules, but in every situation apparently only the loadbalance rule is working as it increments its counters no matter wich wan interface is online or if both are online, so I'm not sure if the failover is really working or just the loadbalance rule is getting all the traffic through just one interface.

    It works fine.

    If the loadbalance rule matches the traffic the failover rule will never be hit.

    You will need to post more information instead of just claiming it is broken.

    0
  • P

    @Derelict:

    [qupte]
    So in other words, I have one loadbalance rule and two failover rules, but in every situation apparently only the loadbalance rule is working as it increments its counters no matter wich wan interface is online or if both are online, so I'm not sure if the failover is really working or just the loadbalance rule is getting all the traffic through just one interface.

    It works fine.

    If the loadbalance rule matches the traffic the failover rule will never be hit.

    You will need to post more information instead of just claiming it is broken.

    Sorry, I do not even suggest that anything is broken, I'm just saying that "apparently" it's not working for me, so I'm asking for someone more experienced to tell me if it's working as it should or I have something wrong.

    I'm attaching my configurations so anyone can take a look if they want.

    In the firewall rules you can see that only the first rule is being hit, as is the only that have traffic (I take offline both wans alternately and the other rules never got traffic)










    0
  • Netgate

    The only thing that will be effective there is WANGroup. It will match all traffic. The other rules will never be hit. As is evidenced by the traffic counters on them.

    If you want different behavior, delete the other two rules.

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy