Load Balancer gateway does not come back "online" after Modem outage
I am reposting this message with a new title that better describes the problem.
With a DHCP WAN interface getting a public IP address from the modem:
As soon as I disconnect or power off the modem, the load balancer gateway status goes to offline and never comes back to online after modem reconnection or power on.
I've updated to the 25 April 1.2.3 version and the problem is still here.
The interface status shows "no carrier" when the modem is disconnected or powered off. It shows "up" when the modem is reconnected or powered on. This is normal. But the load balancer gateway status never comes back to "online".
Doing a DHCP release and renew on the interface status page does refresh the load balancer status to the right "online" status.
I think there are two possible sources for this problem:
- The problem comes from the provider gateway changing at reconnection. For this provider, only the gateway changes, not the IP address (static IP delivered by DHCP, but changing gateway).
If the problem is here, there should be an option inside the pfSense interfaces to force a DHCP renew after disconnection.
- The problem comes from broken or missing code inside the load balancer. But I don't think so, because I have another WAN DHCP interface working correctly (static IP and static gateway delivered by DHCP).
AFAIK the recommended setup is to have a fixed gateway on WAN. On my WAG200 I DMZ 192.168.101.1 to pfSense.
I also have a cable modem (Motorola SB5101) that is set up with DHCP. Luckily the IP doesn't change that often, and I only had a problem once, after my ISP made a system upgrade.
There is a small chance it is your order of the monitor IP. You can compare with http://pfsense.site88.net/multiwan.html
Same thing here.
I have two Linksys DD-WRTs connected to my modems. I then have my pfSense box connected to those. That way I have a fixed gateway. Whenever I disconnect power to the modems my gateways may change, but the Linksys will take care of that. Don't forget to disable the firewall on the Linksys and put pfSense in the DMZ.
Each time you add a software router, you add from 3 ms to about 10 ms of latency, sometimes more. This is not good for realtime traffic.
Adding a DD-WRT box between the pfSense box and the modem adds a failure point. I would prefer to add a second pfSense box with CARP for redundancy, and eventually a second redundant switch.
Simpler is better. Why would pfSense not be able to support a changing gateway through DHCP? It's just a matter of code to detect the gateway change, or just force a DHCP renew?
Doing a NAT public IP -> DMZ LAN IP is certainly working, but it is neither the simpler solution nor the faster one, because the modem needs to manage the DMZ through a firewall rule. I consider this a workaround. I do not like to see a modem doing more than bridging, because they are Linux-based devices, sometimes with an old 2.4 kernel. I've seen at least one weird bug in the Linux kernel for masquerading, so I do not trust it a lot. (This bug was sending the private IP to the world after a PPPoE reconnect on an OpenWrt box.)
I think the simpler option is to have the modem working in PPP half bridge or RFC1483 bridged or routed mode, with no NAT, routing or firewall. Then pfSense can do all this work faster with the power and routing efficiency of FreeBSD.
A full bridge modem is another solution, giving native IPv6 support with some providers, but then pfSense needs to do the PPP job, and this is not supported for multiwan setups. Another drawback of this is that you get a lower MTU. A half bridge modem with PPPoA gives a 1500-byte MTU.
Would someone mind telling me if the load balancer is fully functional without issues in the latest 1.2.3 snapshot? I plan on upgrading from my 1.2-RC2 lol. The load balancer is very important for me.