Failure detection options for multi-WAN failover
-
Can gateway monitoring employ a different failure detection method (like nslookup for example), or is Ping the only way to monitor WAN failure in pfSense?
-
@not-a-bot2024
Do you intend to monitor a DNS server or a gateway?
-
I intend to monitor an ISP for functionality. Just because my gateway is up and the ISP's name server is pingable does not mean the resolver (for example) is functioning.
Oftentimes hosts (resolvers, web servers, DNS proxies, etc.) remain pingable even though their primary services may be down or hung. Being able to resolve something like an A record indicates that both the circuit is up and the resolver is functional, meaning the ISP is performing its most basic functions. Latency metrics would be a third indication of connectivity issues.
-
@not-a-bot2024
Why do you bother with the ISP DNS if it doesn't work reliably?
The DNS Resolver on pfSense requests the DNS root servers directly, unless you're using the forwarding mode.
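
The service-level check described earlier in the thread (resolve an A record through a specific resolver and record the latency), sketched as an added example that is not part of any post and is not a pfSense feature. The function names, the thresholds and the state labels are assumptions made for illustration; the resolver address and the name to query are supplied by the caller.

```python
import os, socket, struct, time
# Added example: a DNS-level health probe to complement ICMP reachability checks.

def build_query(name, txid):
    """Encode a recursive A-record query in RFC 1035 wire format."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_reply(data, txid):
    """Return (ok, reason); ok only for a matching NOERROR reply with answers."""
    if len(data) < 12:
        return False, "short reply"
    rid, flags, _, ancount, _, _ = struct.unpack("!HHHHHH", data[:12])
    if rid != txid:
        return False, "transaction id mismatch"
    if not flags & 0x8000:
        return False, "not a response"
    if flags & 0x000F:  # SERVFAIL, REFUSED, NXDOMAIN, ...
        return False, "rcode %d" % (flags & 0x000F)
    if ancount == 0:
        return False, "no answers"
    return True, "ok"

def probe(resolver, name, timeout=2.0):
    """Send one query to resolver:53; return (ok, reason, latency_ms)."""
    txid = int.from_bytes(os.urandom(2), "big")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        start = time.monotonic()
        try:
            s.sendto(build_query(name, txid), (resolver, 53))
            data, _ = s.recvfrom(512)
        except OSError as exc:  # timeout, unreachable network, ICMP error
            return False, "no reply: %s" % exc, None
        latency_ms = (time.monotonic() - start) * 1000
    ok, reason = parse_reply(data, txid)
    return ok, reason, latency_ms

def wan_state(results, fail_threshold=3, max_latency_ms=500.0):
    """Classify a history of probe() results, oldest first."""
    if not results:
        return "unknown"
    recent = results[-fail_threshold:]
    if len(recent) == fail_threshold and not any(r[0] for r in recent):
        return "down"  # several consecutive failures, not a single lost packet
    ok, _, ms = results[-1]
    return "degraded" if (not ok or ms > max_latency_ms) else "up"
```

A resolver that answers ping but returns SERVFAIL or nothing at all shows up here as a failed probe, which is the case the ping-only check misses.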