Ifdepd package?



  • Hi All,
    I was sure there was an ifdepd package in pfsense, however on the newly installed pfsense v1.0 boxes i did this afternoon it's not listed… anyone know where it's hiding?
    Cheers!



  • We started to remove packages that are not working as expected or that are broke atm. That's why it was removed (for now).



  • Perhaps a little background might help (having considered that what i'm trying to do might be achievable some other way…).

    A client of mine has a pair of PFSense boxes in both of their locations, and an ADSL and SDSL connection from different ISP's. We're trying to set it up so that if one ISP goes down then the other will CARP in and start working seamlessly...

    Each pfsense in each location will be connected to one isp and is setup with a virtual IP on the LAN side. The appropriate ISP pfsense boxes will have a VPN joining them together, and what i'd like is to monitor the endpoint of the vpn on each box and if it can't reach the endpoint then it should CARP the boxes and allow the alternate machine a chance, and obviously when it returns it should change back.



  • @hoba:

    We started to remove packages that are not working as expected or that are broke atm. That's why it was removed (for now).

    Ok, that makes sense, but what was broke or not working as expected, and is there any way to achieve what i'm trying to achieve (see above) at present?



  • Not that I can think of atm. ifdepd would only help you if the link of an interface goes down. As you in most cases have a modem or something in front of you the link would still be up at the sdsl connection even if the isp is not reachable any more (what is more likely than your modem failing).

    Can't think of a configuration to make this work atm. You only could failover at one end if one of the boxes fails by using a carp IP at LAN as gateway and mobile ipsec client settings to connect to the other end.



  • I could have sworn there was a package that allowed me to monitor an ip rather than an interface status (which obviously would be impossible as you say). Problem was that I didn't have anything handy at the time to test it on and thought "ooh, that'll come in handy later"…



  • Maybe you are mixing something up with the loadbalancer which has a setting for monitor IPs to detect if a link has connectivity.



  • Hrm, well that's a possability, though i was sure it was a package…



  • @cyberprog:

    I could have sworn there was a package that allowed me to monitor an ip rather than an interface status (which obviously would be impossible as you say). Problem was that I didn't have anything handy at the time to test it on and thought "ooh, that'll come in handy later"…

    Probably ifstated….that was pulled before we brought in ifdepd though.  ifdepd doesn't do the same thing as ifstated and isn't really needed.  Unfortunately right now we aren't geared to be able to do what you want.  You'll need to write your own scripts to do this failover - although you may be able to hijack some of the multiwan code (check out /etc/inc/vslb.inc)

    --Bill



  • Does anyone know what was broken with ifstated then? I'm no good with unix scripting at present, but may be able to offer a bounty if i knew what was broken with ifstated :)



  • Not sure there was anything wrong with the package except it wasn't complete.  ifstated is  a pain to configure well although somewhere I think I have some code partially written using the latest OpenBSD code that I ported over.  I might be willing to resurrect it, depending on how much it's worth to you..I'm trying to scrape together some cash for a new laptop right now.  I think I have a fairly decent idea of what it is you're trying to accomplish, but I think a network diagram would help fill in a couple of the blanks for me.

    –Bill


Log in to reply