4. Multi WAN with wrong default gateway

Multi WAN with wrong default gateway

  • B

    Hi all,

    I have a problem and I can't find the reason.

    Configured a pfsense 2.3.3-RELEASE (amd64) with Gateway Group.
    In System->Advanced->Miscellaneous option "Default gateway switching" is disabled.

    PFSENSE itself has 3 gateways configured: ISP1 (192.168.0.2, default gateway), ISP2 (192.168.1.1) and LOCAL_GW (172.16.0.1, for internal routing).

    My Gateway Group configuration:
    ISP1 as TIER 1
    ISP2 as TIER 2
    LOCAL_GW never

    This LOCAL_GW is there just to static routes, not for internet purpose, but gateway groups configurations shows all gateways configured in pfsense.

    The problem is pfsense is triggering member down on ISP1, showing in the log it has about 24% percent. (Two problems here: 1) It should take action only in 100% loss and 2) If I run a ping to IP using to monitoring this gateway, there is no loss at all).

    MAIN PROBLEM: Instead of setting the ISP2 to default gateway, pfsense put my gateway LOCAL_GW as default gateway.

    Did you guys know sometinh about this problem?

    0
  • P

    I'm having problem with same configuration. "Default Gateway Switching" is enabled on advanced options, and I have 3 gateways defined on System -> Routing menu. One of them is the default gateway. When it goes down, the pfSense switches to other one, but I don't understand what logic it's using to choose the backup gateway. It's simply changing to other (I seems that it's using the alphabetical order, but I don't no). The question is that I can't define what's the backup default gateway in any way. Some solution for this case?

    0
  • LAYER 8 Netgate

    Yup. You can't use Default Gateway Switching if you have an inside gateway defined. There is nothing keeping that from being selected as the new default gateway.

    There are some feature requests out there but I don't think anything is set there yet.

    So inside gateway: don't use default gateway switching. Usually completely unnecessary anyway with proper policy routing.

    0
  • P

    Thanks for your reply, Derelict.

    I have only two interfaces (WAN and LAN), but three gateways (ISP, Local Core and MPLS Router). The default one is the ISP (WAN).

    When this gateway goes down, I would like the pfsense change the default route to MPLS Router, in LAN net. If the Local Core is set, a loop is created. In this cenario, I think there's no need to create a policy routing. My only need is to specify the backup default gateway, and don't let the pfsense choose one by himself.

    There's a way to do this?

    Sorry for my poor English and thanks again.

    0
  • LAYER 8 Netgate

    No. You want to set up a gateway group for the ones that actually give you internet access.

    But it is usually FAR better if they are all on their own interface.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy