Routing rather than Gateway Group?
-
Rather than using Gateway Groups for failover, is there any reason to NOT use policy routing? For example:
System >Advanced >Miscellaneous > Enable Skip rules when gateway is down
Firewall >LAN
- Source:*, Destination: ! RFC1918, Gateway: PrimaryWAN
- Source:*, Destination: ! RFC1918, Gateway: FailoverWAN
-
@Ximulate said in Routing rather than Gateway Group?:
is there any reason to NOT use policy routing?
Double the work.
-
That was the only reason I could think of at the moment, but at least in my use case I think policy routing might be easier to manage
Before I dive-in to rewriting my rules, I just wanted to make sure I wasn't overlooking something
-
@Ximulate said in Routing rather than Gateway Group?:
but at least in my use case I think policy routing might be easier to manage
Why?
You can specify the failover group as the default gateway. So it is used by any device behind pfSense as well as by pfSense itself.
Policy routing rules have to be defined on each interface on the other hand.The meaning of policy routing is to direct traffic from certain sources or to certain targets to a specific gateway.
If this is, what you want, you can go with it. Otherwise I'd prefer a gateway group as the default.
