Netgate Discussion Forum

    Failover configuration

    General pfSense Questions
      pmckenna11

      We currently have a primary WAN connection via Comcast, and it is set to Tier 1. We have a secondary DSL connection on OPT set to Tier 2. When Comcast goes down (all too frequently) the failover works correctly and the DSL connection kicks in after a brief period. The problem is that there does not seem to be any mechanism for rolling the WAN connection back to Comcast once service is restored. From my experience in the past, the Tier 1 connection was always treated as the preferred connection if it was available. This does not seem to be the case now. Does anyone have a suggestion, or have I misconfigured something?

      I considered setting up a load balancing pool but there is a serious performance difference between the 2 services and we do have some VPN stuff that might not be happy using a balanced setup.

      I would appreciate any suggestion.

        stephenw10 Netgate Administrator

        The expected behaviour is that when the tier 1 gateway comes back on-line new connections will then go via that.
        Existing open connections on the tier 2 gateway are not killed; that would be needlessly disruptive in most cases. TCP connections on tier 2 will close or time out and, if re-opened, will be on tier 1. UDP connections can stay longer, particularly things like VoIP, when the state is pretty much held open permanently. That behaviour hasn't changed though.

        There are a few options you can set that vary this behaviour such as 'Flush all states when a gateway goes down' and 'Reset all states if WAN IP Address changes', both System > Advanced settings, but there is no way to force a failback directly.

        You might set a cron job to do something similar at a low traffic time if that applies to your situation.

        Steve

          pmckenna11 @stephenw10

          @stephenw10
          Thank you so much Steve. Completely explains what I was observing. I just did a test and confirmed that it is working as expected. I also had an error with how I had configured DNS which was confounding things even more.

          Basically there is no need for me to do anything other than the default behavior. As long as the connections eventually end up going out the Comcast gateway all is good.

          Thanks!
