Multi WAN with a DHCP-client interfaces

0x010C · Jan 9, 2025, 8:21 AM

I currently have a pfSense (version 2.7.2) at the edge of a LAN.
On it there is two separate WAN links (let's call them A and B), each configured with a static IPv4. The default-gateway is set on the WAN-A link for the main traffic. The WAN-B link is used for some specific traffic using policy-based routing.
All this works as expected.

My problem occurs when I want to add a 3rd WAN link (WAN-C) which must be used for some specific traffic only, also with policy-routing.
For this one, I configure my new interface in dhcp-client mode (as told by my provider).
As expected, pfSense retrieves an IP address, and a dynamic gateway is created.
However, looking at the routing table in Diagnostics > Routes I see that it has added this Gateway as a default route, in addition to WAN-A-GW, the default gateway that I have configured (so I now have two default gateways...).

When testing from my LAN, I do indeed see jumps from one provider to another from time to time.

I tried reseting the default gateway setting (temporarily switching to "None" then back to WAN-A),
the routing table becomes what it is supposed to be (a single default gateway, WAN-A), but when the DHCP lease is renewed, the issue reappears.

How can I make the DHCP-client no longer add its gateway as the default gateway and keep only the one that I configured myself?

Thanks for your help :)

viragomann · Jan 9, 2025, 9:18 AM

@0x010C
The DCHP enabled WAN interface ever sets a default gateway.
You can select the desired default gateway to be used in System > Routing > Gateways, however.

0x010C · Jan 9, 2025, 9:39 AM

@viragomann Sorry if I was not clear enough. In System > Routing > Gateways I now have 4 gateways:

LAN gateway
WAN-A gateway
WAN-B gateway
WAN-C gateway (automatically set)

And bellow this I have the default-gateway set on WAN-A.

But after enabling the interrface WAN-C, when I look the routing-table I see on top two default route, one on WAN-A and one of WAN-C (it should only be on WAN-A, as configured in the default-gateway field).

Gblenn · Jan 9, 2025, 11:32 AM

@0x010C LAN should typically NOT show up as a gateway in that list... You can have a gateway in the LAN segment, like a standalone VPN server or similar. In that case you set up a static route to it though...

Are you saying that C automagically became a default gateway when you created it? Have you tried changing the default, saving and changing back again?
Also, under gateway group you can create like a failover group, using A, B and C, and setting A to Tier 1 and the others at some higher Tier 2 and 3. Then use this group as the default gateway. All normal traffic wil then go through A, unless A is down. All policy routed traffic will go as per the policy... through B or C.