Gateway is down
I got a new HyperV host, finally! ::)
--WHAT IS WORKING--
Without Pfsense and a manual route on my VMs+host, I can reach a private subnet0 in a second host HyperV, where a Pfsense1 VM routes correctly to that subnet.
With a Pfsense2 VM in the new HyperV I can still reach the subnet0 when I set the Wan interface with Pfsense1 as gateway, but I cannot reach the Internet.
I put the Pfsense2 Wan interface with gateway to the provider's router, in order to have Internet working.
-the Pfsense1 gateway + static route to the subnet0 on top priority.
-rules allowing traffic outbound from LANs in both Pfsenses (...I am not sure about Nat here...) and inbound on the interfaces connected to the router's Lan (pfsense wan gateways).
-tried setting the gateway to Pfsense1 as default.
I see the Pfsense1 gateway to Pfsense2 down. And vice versa.
My clients go directly through the provider's router (pathping, tracert).
I would like:
-either pass all traffic to Pfsense1
-or route all traffic for the subnet0 through Pfsense1, and all the rest through the provider's router.
I know it is difficult to read, I don't read much myself... Thanks for your time.
I notice that if a client in Subnet0 does not have a gateway in its nic config, tracert from a router's client, physical or virtual, shows the traffic leaving directly through the provider's router, without ever touching Pfsense1.
| ____VM Subnet0
Router----Pfsense1 backup wan---
| \ laptop
| \Opnsense Wan
dpinger sendto error: 64
dpinger sendto error: 55
Nat, Vlans, no Pfsense2? 8) :-[ :-\
The gateway came up adding a super gentle firewall rule, but I still cannot control the flow to either the VM subnet, or the Internet.
It seems I had the 2nd Wan interface set with the gateway, which is quite normal for a Wan interface, but not if another Wan has already set a default gateway.
Still there are issues… :(
Sometimes something works for a while, then maybe a states refresh happens and I get inconsistent results.
egas_tt last edited by
Is it all on the same single host?
I just got a 2nd HyperV and a Dlink Gigabit router with Public Fix Ip.
A second Public Fix Ip Connection is on Pfsense1.
I have now 2/3 Pfsenses and 1 Opnsense all VMs with an External interface on the Lan of the Dlink.
If I try to check the system logs I see no traffic logged, so I started to presume this is happening at switch level. This document speaks about Unfilterable Traffic:
"This isn't possible if both clients are on the same subnet and switch; in that case, the routing of packets is handled at the switch level, and pfSense has no knowledge of the traffic."
I believe the behavior of HyperV virtual switch is in question. Indeed I had issues with QoS as well.
I think I am trying to do something non-logical.
Can somebody give me advice on how to have intercommunication between 2 VM subnets in 2 different Hosts, both connected to the same switch(router)?
I cannot do much modification on the Dlink switch(router).
For egas_tt only
It was a design issue. Basically 2 interface DGs cannot be set to point at each other. 1 of the 2 needs to have no if-dg.
OSPF helps to avoid creating default routes.
Wonderful Pfsense ! :o 8) ::)