Odd behavior OSPF
-
Hi Everyone,
I recently set up OSPF in my home environment for the purposes of dual-WAN failover.
Topology is as follows:
Area 1 and Area 2 are connected to pfSense boxes which are connected to my ISPs. If either router goes down, there will be a failover event from the switch on area 0 to the other.
Even if the ISP connected to the SG-5100 goes down, that router is still advertising the default gateway. This makes sense, since the link between it and the HP switch is still up. To solve this I created Area 3. This is a link to my other pfSense box where if the ISP goes down, my SG-5100 will get the new route to the internet. All traffic will flow from my LAN, to the SG-5100, then to the other pfSense box and out.
This is all working great.
My problem is that on both routers' pfSense side, I need to have static routes back to the HP switch/router or traffic never gets routed back.
Even though all of my internal routes are showing up in pfSense in the OSPF routes section:
They are also in the routing table, so I know they were injected?:
State table shows connections not being replied to on my side:
What am I doing wrong? Everything seems to be there?
-
When you say traffic is not getting routed back, you are talking about traffic coming from the internet back into your network?
You have two different ISPs, with two different public IP addresses, yes? Are you doing anything to maintain state? If your routes are equally weighted, sometimes packets may go out one or the other ISP, making it hard to establish a TCP session.
Is there a reason you are using two separate firewalls, and not connecting both ISPs to the same firewall?
As for the static routes, all the routes you are showing us are from which device? It appears to be routing everything to 192.168.200.2, which is which device? And what do the routing tables on 192.168.200.2 look like?