Static route seem not work



  • Hi all, here is the issue

    Summarized case:

    static route :
    network - Gateway - Interface
    10.200.0.0/16 - GW_1 - WAN

    Gateway
    Name - Interface - Gateway
    GW_1 WAN 192.168.1.15
    GW_2 (default) WAN 192.168.1.1

    The problem itself: When i want to reach a host belonging to 10.200.0.0/16 network the pfsense router use the default gateway (192.168.1.15) Instead GW_1 (192.168.1.1) static route (i realize this with traceroute from mi pc)

    1. Why this is happend?
    2. How can i troubleshot this? I mean see the routing loggings.

    Thanks.


  • Banned

    Perhaps you could produce some network diagram. Cannot make sense of it.



  • Hi doktornotor,

    Here is the diagram.

    Hope it helps

    Also, i check the routing logs (/var/log/rounting), i get this error:

    Dec  8 19:34:53 pfSense radvd[26269]: version 1.9.1 started
    Dec  8 19:34:53 pfSense radvd[26269]: no auto-selected prefix on interface em1, disabling advertisements
    Dec  8 19:36:48 pfSense radvd[26604]: Exiting, sigterm or sigint received.
    Dec  8 19:36:48 pfSense radvd[26604]: sending stop adverts
    Dec  8 19:36:48 pfSense radvd[26604]: removing /var/run/radvd.pid
    
    

    Pfsense version: 2.3.2-RELEASE-p1 (amd64)

    Thanks!



  • I think i got this.

    In pfsense firewall, on the WAN interface (192.168.1.2):

    It been configured on an interface IPv4 upstream gateway: GW1 (192.168.1.1) so i change that for "none"

    I have to test on production, but i what do you think?

    Thanks!


  • Banned

    I think your network design is completely broken. You cannot have WAN and LAN on the same subnet.



  • I agree, this was already configured, i don't designed the network. But in this case "WAN" is just a name. Of course i like to change it to "lan2" for example.

    Thanks for reply.


  • Banned

    No. Let me try again. You cannot have ANY two network interfaces on the same subnet.



  • Hi doktornotor, this network is already on production with another technology, i agree that this is not the best solution, neither a good solution, but I have this reality and nobody wants to authorize the change me for the cost and the impact asociated.

    I already saw something like this in others fabricant "overlapping subnets" (like that they calling). But, I'm new to Pfsense, when you said "can not" it's really "can not" in pfsense, or is it "should not"?

    Thanks again for your reply.


  • Banned

    Let me try for the last time. You ABSOLUTELY CANNOT have two interfaces on the same subnet. Only one will have link route. Period. Redo your network. Will not ever work.



  • Seconded, your set up is an invalid one. The only way to have the same subnet on two or more interfaces at the same time is to use bridging, if you don't want to take that route you have to redo your set up with a different subnet on pfSense's LAN.


  • Rebel Alliance Global Moderator

    Not seeing where your lan network is called out.. is it also 192.168.1/24??  Or some other sub of 192.168.1 that overlaps with 192.168.1/24 - if so then NO you can not do it that way..

    You for sure could have multiple routes to different IPs on your wan that is your transit network..  But you can not expect it to work if your lan side clients are on 192.168.1/?  And you want them to go to the internet or this other 10.200 network