Multiwan failover takes a long time to switch over
-
Greetings,
I'm evaluating the multiwan capabilities of pfSense and I'm noticing that it takes a very long time to failover from a primary interface to the failover interface. My load balance pool is setup in failover mode. I'm testing switchover times using pings to various IP addresses.Is this normal or are there additional settings I can tweak?
Thanks!
-
how long does it take? pfsense should ping the target every 5 seconds and that is how long it takes to switchover.
-
For testing, I had maintained a ping to a well-known DNS server on the Internet. I disconnected the primary WAN interface on my pfsense box and expected the pings to timeout for a few rounds, but then resume on the failover interface.. This didn't happen.. Once I stopped the pings and started pinging another well-known dns server, pings to the other DNS server came back fine and routed through the failover.
So what I'm really trying to say is it didn't seem like pfsense failed over to the backup wan until I started a new connection to a different Internet address.
-
existing connections are not rerouted. they just timeout and have to be re-established.
once an ISP is down, all new connections would go through the other ISPs.
-
Search for afterfilterchange if it should be a problem (added in the fit123 package for pfsense1.2.3)
-
Thanks for the responses. I'm going a different route now regarding maintaining high availability on vpn tunnels.. will hold out for 1.2.3 and try multi-wan again.
Cheers
-
MultiWAN failover works fine but you have to be very careful about your monitoring IPs. See the "If a connection is red (down) for no apparent reason" section of this page in the wiki:
http://doc.pfsense.org/index.php/Troubleshoot_Outbound_Load_Balancing_Issues
…it applies to your issue as well.