Multiple Gateways on same subnet
-
My home setup is like :
Campus Internet > Router 1 (10.1.0.1)
Secondary ISP > Router 2 (10.1.0.2)I have setup a pfSense box with the WAN IP as 10.1.200.1 (static) and the gateway as 10.1.0.1, and then I added the second gateway (10.1.0.2) under System > Routing.
I have setup a firewall rule to use by default, the gateway 2 (secondary ISP) for all outgoing traffic, however all traffic is still going through the gateway 10.1.0.1.
What am I doing wrong ?
(I cannot remove the two routers @ 10.1.0.1 & 10.1.0.2 since I live with roommates, and I don't want them to operate through my pfSense box).
-
@dr_tech said in Multiple Gateways on same subnet:
box with the WAN IP as 10.1.200.1 (static) and the gateway as 10.1.0.1,
Place the WAN static IP on the same network as the gateway.
Name the WAN interfaces WAN1, WAN2, etc.
(for better transparency)Alternatively, create a gateway group and the WANs put to failover (tiers)
https://docs.netgate.com/pfsense/en/latest/routing/multi-wan.htmlbtw:
why are you using two WANs this is the question?
load balancing or fault tolerance -
@DaddyGo said in Multiple Gateways on same subnet:
Place the WAN static IP on the same network as the gateway
The WAN static IP is on the same subnet as the other two routers, here is a flowchart to show the same in a better way :
The reason for this setup is, that my campus provides a very high speed (1Gbps) connection, which is highly filtered (a lot of sites blocked), while my ISP offers unrestricted access to all sites, but the bandwidth is only 50Mbps. Hence, I am looking into load balancing first, then I'll setup up some firewall rules to use a specific gateway based on IP address.
I need a 1Gbps connection since some files I download (DICOM images from CT scanners and X Ray machines) are sometimes as large as 2-4 gigs, and I sometimes need to download as many as 20 files a day.
-
ok I see...
the gateway group will be your good friend, with a well-adjusted load distribution
you use WAN interfaces with the same name, but their descriptions only are different, so the system use a lower IP address
-
@DaddyGo said in Multiple Gateways on same subnet:
you use WAN interfaces with the same name, but their descriptions only are different, so the system use a lower IP address
Pardon ?
Gateway groups are also not working in this case, as soon as my primary gateway goes down, I lose connectivity with the Internet.
-
Your windows tracert not showing the pfSense LAN IP as first hop means you have something terribly wrong in your whole setup.
-Rico
-
@Rico said in Multiple Gateways on same subnet:
Your windows tracert not showing the pfSense LAN IP as first hop means you have something terribly wrong in your whole setup.
Oh yes, didn't notice that. I'll try setting up pfSense back from scratch and report back.
-
I re-did all my steps, installing a new pfSense instance, adding a WAN interface with static IP and gateway (10.1.0.1), did a traceroute, all traffic was being routed through the pfSense box :
Added a second gateway under System > Routing :
Modified the default firewall rule to route all traffic through second gateway :
Redid a traceroute :
Everything just breaks apart, NAT stops working, pfSense starts acting sort of like a switch, even when my LAN IP is stil 192.168.1.2/24.Please help
-
@dr_tech said in Multiple Gateways on same subnet:
Oh yes, didn't notice that.
this is not entirely the case...
only ICMP question, listen....
-
@dr_tech said in Multiple Gateways on same subnet:
Everything just breaks apart, NAT stops working, pfSense starts acting sort of like a switch,
there may be serious configuration deficiencies ...
I suggest you try to install only one WAN interface firstand let us see that this behaves, because basically this is a dual-NAT configuration
-
@DaddyGo said in Multiple Gateways on same subnet:
I suggest you try to install only one WAN interface first
I did that, and until that point it works fine. (Pleas refer to my previous post)
As soon as I add the second gateway, and set up the firewall rules to divert traffic through the second gateway, I stop seeing the first hop as the IP of pfSense.
@dr_tech said in Multiple Gateways on same subnet:
all traffic was being routed through the pfSense box :
(Only the first gateway - 10.1.0.1 Campus Network Installed)
-
@dr_tech said in Multiple Gateways on same subnet:
Pleas refer to my previous post
try something please do this:
-
@DaddyGo said in Multiple Gateways on same subnet:
try something please do this:
I have already set it as automatic, the moment I added a second gateway.
-
-
@DaddyGo said in Multiple Gateways on same subnet:
do you want to say / 24
No, I meant that the subnet for my LAN is 255.255.0.0, not the default /24 block. But regardless, even if I try the 24 block, I face the same issue.
-
Ohhh...OK
if you think,..... I have a couple of lab pfSense units, I'll try to model your problem tomorrow...
we have saturday night at 9pm and my wife is waiting with a bottle of wine...is this right for you?
btw:
what is a brief description of your hardware? -
@DaddyGo said in Multiple Gateways on same subnet:
we have saturday night at 9pm
Sure, Have a nice weekend !!
My hardware :
Router 1 (College Router) : Asus RT-AC53 (10.1.0.1)
Router 2 (ISP Router): TP-Link Archer C1200 (10.1.0.2)pfSense: Running on VMWare ESXi (with an Intel i350-T4 passed through)
Port 1 : Input from Asus RT-AC53
Port 2 : Connected to a Switch (pfSense LAN 192.168.1.0/24) -
@dr_tech Where is your connection from pfSense to the ISP router?
-
This post is deleted! -
@kkrazyken
Router 1 and Router 2 are connected to each other (DHCP turned off on router 2). This was so that I could just switch the gateway address on my phone/laptop to access blocked websites quickly, without changing the network.That is the reason why Router 1 is at 10.1.0.1/16 and Router 2 at 10.1.0.2/16.
