Multi WAN only fails over after connection restored (no connectivity while connection down)
I have set up a multi WAN on a single pfSense router, but it is not working correctly.
I have set up 2 IPv4 gateways and 2 IPv6 gateways. The 2 IPv4 gateways I have put into a gateway group, both tier 1, and made this the system-wide default route for IPv4. All firewall rules use the system default gateway. My intention is that the router puts traffic down both connections while they work, but if one fails, it only uses the good one.
I have partial success. While both connections are up I get connectivity to the internet. However, if one goes down, I can lose connectivity (I'll give the specific conditions in a bit). When the connection is restored I get connectivity back. But here is the strange thing: whenever I test like this, I can see from checking my public IP that the router has moved over to the connection that didn't fail. But it only did this after the failed connection was restored. Also, once both connections are available, it keeps to the new choice, and doesn't share between them. I can break the other connection that previously went down without having any effect. If I now break the other (in use) connection, then I get the same behaviour in reverse. Also, in the gateways list, it will sometimes say "default" in bold by one of the IPv4 gateways (the one that is currently being used). Since I have chosen the gateway group as the default, I would have expected both or neither to show something like this. I check how pfSense sees the gateway connections on the gateways status page and it sees them exactly as I do (down when I break them and up when I haven't).
So to summarise the behaviour appears to be:
- When both WAN connections are up the router chooses one of them and only uses this.
- If the unused connection fails it has no effect.
- If the used connection fails, all connectivity is lost.
- If the failed connection comes back up, connectivity is restored, but now the router chooses the other connection for all its traffic.
So I have 2 problems:
- pfSense only fails over after a problem has happened.
- When both connections are available it only uses one.
Can anybody tell what might be the cause of behaviour like this? And what would I do to make pfSense just use whatever WAN connections are available at the time to route traffic?
Thank you for your help.