Netgate Discussion Forum

    2.3.5-p1 : Default gateway switching (solved)

    Routing and Multi WAN
    • A
      anarokus

      Hi,

      We have two WAN links and one point-to-point link.

      I want to do default gateway switching between the two WAN links when one of the links goes down. I don't want the point-to-point link to be used at all.
      Under each gateway in the advanced section there is a weight option; however, the language implies that this is for gateway groups. Can someone confirm that will also apply for default gateway switching?

      For further information, my WAN links consist of one PPPoE and one cable modem (DOCSIS). I am using two gateway groups for failover as well: group 1 fails over from PPPoE to cable, and group 2 fails over from cable to PPPoE. We use group 1 for our LAN interface, and group 2 for our guest wifi interface.

      The reason I need to do default gateway switching is because we are using squid, and traffic passing through squid goes via the default gateway and not the gateway group (if there is a way of getting around this then I'd prefer to use that method rather than gateway switching, but it seems that's not possible).

      Thanks and regards,
      Shane

      • DerelictD
        Derelict LAYER 8 Netgate

        No. The weights are for load balancing tuning.

        As of right now, using default gateway switching along with internal (non-default-eligible) gateways is not a good idea. Policy-routing should be able to deal with about everything except some traffic generated on the firewall. If that is the case the best move is probably moving those services off the firewall so they can be properly policy routed.

        https://redmine.pfsense.org/issues/7633

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        • A
          anarokus

          Thanks Derelict for your quick response. It's a pity there's no way of prioritising or controlling the order of the gateways.
          I'll start working on moving services off our firewalls.

          • DerelictD
            Derelict LAYER 8 Netgate

            What is it that isn't working?
