Policy Based Routing being ignored?

  • I have two interfaces with static IPs, and one has the default gateway ticked on.
    Upon adding the second interface, configuring my outbound-NAT, and adding a rule at the top of my LAN interface to route traffic from a specific LAN host out WAN2's gateway.

    When I do a trace route, my traffic still leaves the router via WAN1's gateway. I've got to be missing something here.

    edit: I can intermittently ping the WAN2 address, but pinging the world from that interface works flawlessly.

  • Rebel Alliance Developer Netgate

    Are both WANs in different subnets, or are they different addresses in the same subnet?

  • I have same problem

  • I solved my own issue. The VLAN interfaces being used share MAC addresses, and they were in the same switching domain and the switch was swapping which ports the MAC lived on.

    This is a huge issue with the XG-7100 if you want to have multiple "physical" interfaces outside of the SFP+ ports.

  • Rebel Alliance Developer Netgate

    That wouldn't normally be a problem, unless you are trying to use the same subnet on both interfaces.

    VLAN interfaces always share the MAC of their parent interface. That is not specific to the 7100.

  • I'm aware of sharing MACs being the expected behavior, and they were separate subnets. However the reason for all of this is because the WAN comes in via one fiber pair and eventually we wanted to do HA and have a segment of the switch be the WAN.

    I had the two interfaces separated in pfSense into two PVID ports on the internal switch, and they were plugged into the same PVID marked ports on the main switch in the rack, and I saw that MAC bouncing between two of the ports in that VLAN on the main switch. If that's tough to follow I can sketch out how it was configured since it's good now, but we're using a really convoluted solution for now.

Log in to reply