pfsense sends traffic to gateway monitoring ip (if dns resolves to this particular ip)
-
Hi,
i have a gateway group (Gateway1/Tier1, Gateway2/Tier2) where i have to manually put an IP address for Gateway2 as the monitoring IP, as my provider filters pings.
So i decided to put my mailserver IP address there, what caused imho a funny thing to happen.
If i have the mailserver IP in there and i do a traceroute mymailserver it looks like this:
traceroute to mymailserver (xx.xx.xx.xx), 30 hops max, 60 byte packets 1 pfsense.workgroup.local (xx.xx.xx.xx) 0.326 ms 0.298 ms 0.271 ms 2 gateway2 (xx.xx.xx.xx) 12.958 ms 12.959 ms 13.413 msIf i use another IP there it looks like this:
traceroute to mymailserver (xx.xx.xx.xx), 30 hops max, 60 byte packets 1 pfsense.workgroup.local (xx.xx.xx.xx) 0.784 ms 0.837 ms 0.818 ms 2 gateway1 (xx.xx.xx.xx) 21.487 ms 21.640 ms 22.185 msIt even does this if i mark Gateway2 as down manually.
Seems a bit strange to me :)
Any thoughts?
-
@elemy
When you enter a specific gateway monitoring IP, pfSense naturally routes this IP to the respective gateway. Otherwise gateway monitoring cannot work. -
ok, that would make sense, i was a bit confused as i saw all my mails arriving from our backup line.
thanks for clarification!
wouldn't it be better to do something like ping -I opt5 monitoringip?
-
@elemy
The monitoring IP option let you state an alternative IP in case the ISP gateway is not responding to pings.
You can enter any public IP there which is responding, however it must be outside your local network so that the IP is reachable across the gateway. Many people use Google 8.8.8.8 for monitoring. -