Using same gateway monitor IP not allowed
-
Quick question. Why can I not use the same monitor IP (such as 1.1.1.1) for multiple gateways?
I have numerous WireGuard tunnels which by default have a gateway address of the adapter itself, thus I need to supply something else. If the router is pinging with the interface specified, why can't I duplicate the IP? The first few are easy to come up with unique IPs but it turns into a bit of a management nightmare.
-
@griffo said in Using same gateway monitor IP not allowed:
Quick question. Why can I not use the same monitor IP (such as 1.1.1.1) for multiple gateways?
Hi,
Observe the rule of formal logic...
so, because it makes no sense, because if there is only one monitor IP and it goes down, more GW will be lost at the same time...
+++edit:
anyway, it makes no sense to set the monitor IP to known DNS servers because it is not consistent
find the next (NEAREST) upstream GW and set it to monitor IP, it's usually the ISP GW
(make sure this is a public IP, not the RFC1918 address of the SOHO router)
so you will definitely get more accurate values than with a DNS server(s) PING
the "traceroute" your good friend in this case
-
@daddygo said in Using same gateway monitor IP not allowed:
@griffo said in Using same gateway monitor IP not allowed:
Quick question. Why can I not use the same monitor IP (such as 1.1.1.1) for multiple gateways?
Hi,
Observe the rule of formal logic...
so, because it makes no sense, because if there is only one monitor IP and it goes down, more GW will be lost at the same time...
+++edit:
anyway, it makes no sense to set the monitor IP to known DNS servers because it is not consistent
find the next (NEAREST) upstream GW and set it to monitor IP, it's usually the ISP GW
(make sure this is a public IP, not the RFC1918 address of the SOHO router)
so you will definitely get more accurate values than with a DNS server(s) PING
the "traceroute" your good friend in this case
But I don't want to pick some random service provider gateway IP that could change at any time and is not reflective of real world data flow past the provider's network into the wider internet.
With Anycast, none of the major services relate to a single device, they are hundreds or thousands of servers spread over the globe, and using something like 1.1.1.1 means I'm always testing access to an actual internet service not my provider's gateway. Every VPN would be responded to by a different server / load balancer. Even if they totally borked the config of their service, they are unlikely to take out the networking stack at layer 3.
-
@griffo You are still relying on something "exotic" like anycast.
And unrelated to your connectivity resources, DO fail lowering your overall availability
Random service provider IP???? No way.
If you are monitoring a physical connection, then each one has its own provider gw ip
If you are multihomed to the same provider, then you will need an alternative inside your provider.
Now, if you are using this for VPN then you need something at your other end of the VPN connection.
The fad/trend of using vpn to ultimately access the Internet is rather new, and gateway monitoring wasn't really designed with this in mind.
I hope this makes sense :)
-
@griffo said in Using same gateway monitor IP not allowed:
But I don't want to pick some random service provider gateway IP
OK..
I was thinking of your own provider (ISP), it's not random...
DNS servers are not designed and used to send ICMP responses - depending on their workload, the responses received also differ, so they do not provide relevant information
so let's stick with this first ISP GW as a good solution
BTW:
the forum is full of discussions on this theme
the end is always that the DNS server(s) is not a monitor IP alternative
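
Added example, not written by any poster in this thread: a sketch of the "use traceroute to find the nearest public upstream hop" advice, which also reports gateways that would end up with the same monitor IP. It assumes numeric (`traceroute -n` style) output; the gateway names WAN1/WAN2 and all sample addresses are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# RFC1918 private ranges: a hop in these is the local/SOHO router, not the ISP.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
HOP_LINE = re.compile(r"^\s*(\d+)\s+(.*)$")          # "<hop number> <rest>"
IPV4 = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")

def nearest_public_hop(traceroute_output):
    """Return (hop, ip) of the first answering hop outside RFC1918, or None."""
    for line in traceroute_output.splitlines():
        m = HOP_LINE.match(line)
        if not m:
            continue                                  # header or blank line
        for text in IPV4.findall(m.group(2)):         # "* * *" hops yield nothing
            try:
                addr = ipaddress.ip_address(text)
            except ValueError:
                continue                              # e.g. 999.1.1.1
            if not any(addr in net for net in RFC1918):
                return int(m.group(1)), str(addr)
    return None

def shared_monitors(traces):
    """Map candidate monitor IP -> gateways that would collide on it."""
    by_ip = defaultdict(list)
    for gateway, output in traces.items():
        hit = nearest_public_hop(output)
        if hit:
            by_ip[hit[1]].append(gateway)
    return {ip: sorted(gws) for ip, gws in by_ip.items() if len(gws) > 1}

# Constructed sample output (documentation address ranges, not real hops).
SAMPLE_WAN1 = """traceroute to 1.1.1.1 (1.1.1.1), 64 hops max, 40 byte packets
 1  192.168.1.1  0.412 ms  0.380 ms  0.351 ms
 2  * * *
 3  203.0.113.1  8.120 ms  7.981 ms  8.044 ms
 4  198.51.100.9  9.302 ms  9.114 ms  9.250 ms
"""
SAMPLE_WAN2 = """traceroute to 1.1.1.1 (1.1.1.1), 64 hops max, 40 byte packets
 1  10.0.0.1  0.502 ms  0.466 ms  0.471 ms
 2  203.0.113.1  6.870 ms  6.901 ms  6.799 ms
"""

if __name__ == "__main__":
    print(nearest_public_hop(SAMPLE_WAN1))
    print(shared_monitors({"WAN1": SAMPLE_WAN1, "WAN2": SAMPLE_WAN2}))
```

A non-empty result from `shared_monitors` means those gateways need a different monitor target chosen by hand, for example a later hop or the far end of the tunnel.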