Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Can't Get Failover (not Load Balance) To Work – Possible Hardware Issue?

    Scheduled Pinned Locked Moved Routing and Multi WAN
    5 Posts 2 Posters 2.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      orty
      last edited by

      I'm at wits end trying to get this to work, as you wouldn't think it'd really be too hard, so please feel free to smack me if I'm missing something really obvious.

      I have three LANs and two WANs on a 1.2.3 box. Two of the LANs are going out all the time on our T1 line, with the 3rd LAN (a public WiFi) using our Cable Modem's net connection. That's all working just fine, so I know both WAN connections work fine (RRD graphs show the same, and public WiFi are using the cable modem connection). The T1 is a static IP, cable modem is DHCP, plugged into a Sun 4-port NIC on a HP DL380G3 using the hme drivers.

      I'd like to set it up so that if the T1 fails, all traffic from both the two LANs that are using the T1 will go over the Cable Modem (I don't want load balancing, as the various Web apps the folks here use don't do well with changing IPs). So I've setup a failover load balance pool (see attached image), and then set the LAN to use the failover pool (see attached). It works fine, all traffic is going out the T1 like it's supposed to. Load balancer status page has both connections green the entire time.

      To test failover, I decide to unplug the ethernet connection on T1 router, and then all heck breaks loose. I look at the load balancer status page on the web interface, BOTH connections are red, not just the T1 line, and the connectivity is now long-gone. I plug the cable back into the T1 router, and the pfsense box never re-detects the T1 line unless I do a full reboot, and then things work fine again.

      I had similar problems with other NICs, but chalked it up to just cheap realtek nics or poorly packed Intel NICs that I got on eBay cheap. The system works fine otherwise.

      Ideas?
      Failoverpool.gif
      Failoverpool.gif_thumb
      Lan1Failover.gif
      Lan1Failover.gif_thumb

      1 Reply Last reply Reply Quote 0
      • O
        orty
        last edited by

        Bump – sorry to do this, but I'm at a loss here.

        1 Reply Last reply Reply Quote 0
        • J
          jtds_ifpb
          last edited by

          Maybe you have just misconfigured the pool. It happened to me some times when mis-selecting monitor ip and interfaces.

          assuming the wan is 66.39.178.10 and opt1 is 216.87.224.12

          Try to set up a new pool:
          name: T1FailoverToCable
          description: T1 1st, Cable 2nd
          type: gateway
          behavior: failover
          monitor ip:  select WAN
          interface name: select WAN

          click add to pool
          monitor ip:  select OPT1
          interface name: select OPT1
          click add to pool
          click to save
          click to apply

          ok, now remove ALL your LAN rules,
          add a new rule

          action: PASS
          interface: LAN
          protocol: any
          source: any
          destination: any
          gateway: T1FailoverToCable
          description: T1 1st, Cable 2nd

          click to save
          click to apply

          try testing again it should work
          btw you should check the load balancer logs too. Status > system logs > Load Balancer

          "No pain, no gain"

          1 Reply Last reply Reply Quote 0
          • O
            orty
            last edited by

            Sorry about the late reply on this. I re-set it up just like you suggested, and it worked sporadically. I think, however, it's because I tested it differently than I did before. Before to test it I pulled the power to the T1 router. For some reason that knocked both WAN connections offline, according to the load balancer system status page (both WANs are connected to the same NIC – a Sun 64 bit 4-port NIC). When I just unplugged the incoming T1 line from the T1 router (but left the network cable between the T1 router and the pfsense box), it failed over fine to the cable modem, and when I plugged it back in, it (eventually) went back to using the T1 line (it did take quite a while).

            I'm going to experiment a bit more tonight, moving the T1 line to a separate NIC (as I have a couple free slots, was just trying to avoid using the hot-swap slots on this system as they seem to have issues with some cards) and seeing if that fixes the problem. But if anybody has any input, I'm all ears :)

            1 Reply Last reply Reply Quote 0
            • O
              orty
              last edited by

              Update: Kept the T1 on the same 4 Port NIC (along with my Public WiFi connection) and moved the backup cable modem to a separate Intel dual-port NIC (that's all I had handy for a NIC was a dual-port – didn't want to use a RealTek single port). Killed the power to the T1, and it failed over to the cable modem flawlessly within 20 seconds. Unplugged the ethernet cable from the T1 router, same deal. And then everything went back to the T1 line where appropriate.

              Don't know what the deal was, but it's failing over fine now. However, I do see "apinger: command (/usr/bin/touch /tmp/filter_dirty) exited with status: 1" in my load balancer status logs, so I'll have to look into that.

              In the future, I just need to make sure if I'm going to use cheap NICs (that Sun 4-port was less than $10), I don't put both my WAN connections on a single card as that seems to freak the thing out.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.