Netgate Discussion Forum

    Failover some vlans using default gateway switching

    Routing and Multi WAN
      bregol

      I am setting up a home network with a main VLAN and a separate VLAN to isolate home automation / IoT devices. Additionally, my goal is to run dual-WAN in failover, but just failing over the home automation VLAN. The backup WAN would be 4G, so the home automation can use that if the main internet connection goes down, while users won't fail over and eat up data doing other things. I plan to use Unbound as a resolver, not as a forwarder.

      As I'm fairly new to this and trying to get my head around it, it would help to have a couple things checked or questions answered:

      1. From what I understand, using the DNS resolver + dual WAN, I need default gateway switching turned on. Then in the firewall, my Accept rules on the LAN (i.e. to let HTTP/HTTPS traffic go out to the internet) should use the Default gateway (no explicit gateway set) for the home automation VLAN; and on the rule for the main users VLAN, I should set the gateway explicitly in Advanced to use just the main WAN connection. If I do this, the home automation VLAN will fail over when the default gateway switches, and the main VLAN won't fail over because it is forced into always using the main WAN. Question: Is this correct, or am I not understanding a part of the mechanics of this?

      2. What about gateway groups? In the docs for dual-WAN, it says to set up a gateway group to configure the failover. Is this not necessary in this case, since failover happens with Default Gateway Switching? It seems that I could use a gateway group configured for failover, and explicitly set the Accept rule gateway on the home automation VLAN to use that gateway group… but isn't that more or less a redundant mirroring of how Default Gateway Switching will behave in this particular case (failover, only 2 WAN)? I realize gateway groups and default gateway switching are 2 different mechanics, but for this setup, wouldn't it be less configuration if there were no gateway group? Or is there some nuance to this I'm missing?

      Thanks for your help!

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.