Peculiar routing behavior
-
Hi!
I've got a pfsense box with one WAN interface and a client VPN interface to a single vlan. I assigned both these gateways a monitor IP. First I used 8.8.8.8 for vpn gateway and 8.8.4.4. To my surprise you cannot ping 8.8.8.8 (vpn gw monitor ip) from within home-vlan. When I changed the monitor IP to a different one (quad9) - same behavior. I can, though, ping the monitor IP of the same gateway for the vlan I am using, so it got me thinking to test how routing works. Traceroute hangs on my local gw (pfsense router ip), so I looked up the pfsense routing table and discovered that those two monitoring IPs get static routes that go only through the gateway they are assigned to. After a bit it seems reasonable, since we want to be sure the traffic for those addresses is routed only through the gateway we are trying to monitor. Is it normal behavior (just making sure) or should I start digging in my config for misconfiguration? :)
-
You get static host routes for:
Gateway monitor IP addresses
IPsec peers in certain cases
System > General DNS servers with a gateway set
That's all I can think of… might be more
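
One way to list the static host routes discussed in this thread from the firewall's routing table, as an added example that is not part of the original posts. The sample table, gateway addresses and interface names are constructed, and the function names are hypothetical:

```shell
#!/bin/sh
# Constructed sample in the format printed by `netstat -rn -f inet` on
# FreeBSD (the OS under pfSense). Addresses and interfaces are made up.
sample_routes() {
cat <<'EOF'
Routing tables

Internet:
Destination        Gateway            Flags     Netif Expire
default            203.0.113.1        UGS         em0
8.8.4.4            203.0.113.1        UGHS        em0
8.8.8.8            10.8.0.1           UGHS     ovpnc1
10.8.0.0/24        link#8             U        ovpnc1
127.0.0.1          link#3             UH          lo0
192.168.10.0/24    link#7             U        em1.10
EOF
}

# Read a routing table on stdin and print "destination gateway interface"
# for every static host route via a gateway: flags contain G (gateway),
# H (host) and S (static). The header row is skipped because its third
# field ("Flags") is not all upper-case letters/digits.
pinned_host_routes() {
    awk '$3 ~ /^[A-Z0-9]+$/ && $3 ~ /G/ && $3 ~ /H/ && $3 ~ /S/ {
        print $1, $2, $4
    }'
}

# Print the interface a given address is pinned to, or nothing if the
# address has no static host route.
pinned_interface() {
    pinned_host_routes | awk -v ip="$1" '$1 == ip { print $3 }'
}

# Demo on the constructed sample.
sample_routes | pinned_host_routes
```

On the firewall itself the live table can be piped in instead of the sample: `netstat -rn -f inet | pinned_host_routes`.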
-
Thanks!