New version removed Gateway Switching



  • Today I updated pfsense to versión 2.4.4. RELEASE. I noticed that option "Default Gateway Switching" was removed from System/Advanced/Miscellaneous tab. Why? What is the expected behaviour now? How this affects multi-wan failover scenarios?

    Thanks in advance for your support.


  • Banned

    So reading upgrade announcements and release notes is not your thing? You should change that if you don't want to look stupid.


  • LAYER 8 Netgate

    I have been looking at this some today.. I am removing all policy routing to the failover group from my edge (Cable (Tier 1) then ADSL (Tier 2)) and am relying on the new default gateway group instead.

    No more bypassing for local stuff. So far so good.

    This is really good news since most people don't have a problem with multi-wan, but the introduction of policy routing is a challenge for a lot of people.

    Now in simple failover cases all you have to do is make the group, set the default gateway to track it, and you're done. No special rules necessary.



  • @grimson : I'm not afraid to look stupid since only stupid people see things that way and use the forum to express their anger and frustration. Get a shrink.



  • Thanks for you answer @derelict

    Does it mean that we could expect Squid (and other packages that use default gateway) to work well with loadbalance if we set the default gateway group with members on the same tier?

    Best regards.


  • LAYER 8 Netgate

    No. This has nothing to do with load balancing. That still has to be policy routed. But it should help squid in the same way default gateway switching would in a failover situation.

    The real answer for squid and load balancing is to put a squid instance behind the firewall so the outbound connections it makes hit the policy routing rules on the LAN and the load balancing gateway group rule gets applied to the traffic.

    I know people like everything to be "on one pfSense" but in that case you need to separate them for the desired outcome.

    Loadbalance gateway groups (any group with more than one gateway in a single tier) probably should not even appear in the default gateway pulldown. But they do. I am not sure of the behavior there. The default gateway is probably set to the first one found after a sort by tiers.



  • @Derelict said in New version removed Gateway Switching:

    I have been looking at this some today.. I am removing all policy routing to the failover group from my edge (Cable (Tier 1) then ADSL (Tier 2)) and am relying on the new default gateway group instead.

    No more bypassing for local stuff. So far so good.

    This is really good news since most people don't have a problem with multi-wan, but the introduction of policy routing is a challenge for a lot of people.

    Now in simple failover cases all you have to do is make the group, set the default gateway to track it, and you're done. No special rules necessary.

    I apologize if I ask a stupid question, but what exactly is the change? Is it that now you no longer have to add the failover group to an individual firewall rule?


  • LAYER 8 Netgate

    No. It has nothing to do with policy routing. You still have to do that.

    It gives you more control over how the default gateway selection is made.



  • @Derelict said in New version removed Gateway Switching:

    No. It has nothing to do with policy routing. You still have to do that.

    It gives you more control over how the default gateway selection is made.

    I've been searching in the wiki but I am afraid I couldn't find it. What exactly is the change?


  • LAYER 8 Netgate



  • Hi...If you are using a router or your IP has not changed on your modem then the addresses may not have changed." how are you just gonna leave half the people reading this hanging.... If you are going to make a guide please do it all the way and the correct way.

    pcb manufacturing and assembly


  • LAYER 8 Netgate

    What? This is not a guide. Question asked and answered.


Log in to reply