Trouble with double WAN
This setup has worked for me for years, but now all of a sudden I did run into trouble.
(IP:s are not the real ones in this example).
I have two WAN NIC:s, both getting public IP address from operator via DHCP. I am running an web server on WAN2 and WAN is for generic surfing purposes.
WAN has IP 220.127.116.11
WAN2 Has IP 18.104.22.168
And the both have the same gateway 22.214.171.124
For unknown reason the packets destined to WAN2 keep on ending to WAN now an then, leading to the services provided by WAN2 being unavailable, example from logs below:
Passed: May 18 08:34:37 WAN_2 126.96.36.199:18635 10.10.30.120:80 TCP:S
Blocked May 18 08:34:29 WAN 188.8.131.52:18635 184.108.40.206:80 TCP:S
I can see in the logs the following lines around when this starts to happen.
May 18 08:34:42 check_reload_status 358 Starting packages
May 18 08:34:42 php-fpm 321 /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 220.127.116.11 -> 18.104.22.168 - Restarting packages.
May 18 08:34:40 php-fpm 321 /rc.newwanip: Creating rrd update script
May 18 08:34:40 php-fpm 321 /rc.newwanip: Resyncing OpenVPN instances for interface WAN_2.
May 18 08:34:39 php-fpm 321 /rc.newwanip: rc.newwanip: on (IP address: 22.214.171.124) (interface: WAN_2[opt2]) (real interface: em4).
May 18 08:34:39 php-fpm 321 /rc.newwanip: rc.newwanip: Info: starting on em4.
May 18 08:34:38 check_reload_status 358 rc.newwanip starting em4
This situation happens in somewhat irregular times, maybe between 35 minutes or so. Any ideas what could be wrong here? Tried allready upgrading Pfsense to latest developers version (2.5).
I cant recall any changes done to the environment when this started, but around this time operator was doing some changes to their network (cable modem connection, they seem to have changed to use Huawei technology in their setup).
AFAIK it is not supported to use the same Gateway for Multiple WANs.
Luck if this worked for you in the past...
Yes having the same GW for multiple WAN IP:s worked (at least for me) fine for a while. This is basically the only option you have if you want to run with multiple wan IP:s and your operator is providing you with multiple IP:s with DHCP (mine gives up to 5, no static IP:s available) . Off course for monitoring of GW one must use different targets for every GW.
For testing purposes I did do a fresh install of Pfsense 2.4.4-RELEASE-p2 and the problem seems to stay.
Annoying part is that this setup now works, for a while, then it goes offline, and soon works again :).