Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Dual Wan Load balance/failover with Dynamic Gateways

    Routing and Multi WAN
    2
    2
    1817
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      Vescovo last edited by

      :)
      Again, great product!

      Environment 1.0.1-SNAPSHOT-01-19-2007 built on Fri Jan 19 15:38:01 EST 2007
      LAN  192.168.1.1
      WAN DHCP(192.168.0.2)  SS6520 ADSL2+ Router  @192.168.0.254
      OPT1 DHCP(192.168.2.2)  SS6520 ADSL2+ Router @192.168.2.254

      Load Balancer:Pool
      Wan1BalanceWan2  gateway  wan opt1 64.235.192.30 64.230.199.5 Load balance Wan1&Wan2   
      Wan1FailoverWan2  gateway  wan opt1 64.235.192.29 64.230.199.5 Traffic via Wan1 | Wan2

      The Wan1FailoverWan2 Pool is used for outgoing SSH HTTPS.

      Both SS6520s have PPPoE connections with Static IPs except that the Gateway for WAN can change between 64.235.192.29 and 64.235.192.30.

      Changes in the Gateway cause
      Jan 21 18:20:19 slbd[1435]: Service Wan1BalanceWan2 changed status, reloading filter policy
      Jan 21 18:20:19 slbd[1435]: ICMP poll succeeded for 64.235.192.30, marking service UP
      Jan 21 18:20:19 check_reload_status: reloading filter
      Jan 21 18:20:14 slbd[1435]: Service Wan1BalanceWan2 changed status, reloading filter policy
      Jan 21 18:20:14 slbd[1435]: ICMP poll failed for 64.235.192.30, marking service DOWN
      Jan 21 18:19:04 check_reload_status: reloading filter
      Jan 21 18:18:29 slbd[1435]: Service Wan1FailoverWan2 changed status, reloading filter policy
      Jan 21 18:18:29 slbd[1435]: ICMP poll succeeded for 64.235.192.29, marking service UP
      Jan 21 18:18:26 check_reload_status: reloading filter
      Jan 21 18:18:23 slbd[1435]: Service Wan1FailoverWan2 changed status, reloading filter policy
      Jan 21 18:18:23 slbd[1435]: ICMP poll failed for 64.235.192.29, marking service DOWN
      Jan 21 18:13:22 check_reload_status: reloading filter
      Jan 21 18:12:47 slbd[1435]: Service Wan1FailoverWan2 changed status, reloading filter policy
      Jan 21 18:12:47 slbd[1435]: ICMP poll succeeded for 64.235.192.29, marking service UP
      Jan 21 18:12:43 check_reload_status: reloading filter
      Jan 21 18:12:42 slbd[1435]: Service Wan1FailoverWan2 changed status, reloading filter policy
      Jan 21 18:12:42 slbd[1435]: ICMP poll failed for 64.235.192.29, marking service DOWN

      The SS6520s are in router mode for 2 reasons
      Supply a PPPoE client and allow wireless internet access bypassing pfsense.

      Any suggestions besides picking a different monitoring IP?

      1 Reply Last reply Reply Quote 0
      • S
        sai last edited by

        the standard workaround for dynamic ip addresses is to put in a simple (maybe Linksys) router in front of the pfSense.

        You might do a traceroute and pick the next hop as a gateway.  it might work.

        Dynamic gateways! wow. what will ISPs think of next to hassle us?

        1 Reply Last reply Reply Quote 0
        • First post
          Last post

        Products

        • Platform Overview
        • TNSR
        • pfSense
        • Appliances

        Services

        • Training
        • Professional Services

        Support

        • Subscription Plans
        • Contact Support
        • Product Lifecycle
        • Documentation

        News

        • Media Coverage
        • Press
        • Events

        Resources

        • Blog
        • FAQ
        • Find a Partner
        • Resource Library
        • Security Information

        Company

        • About Us
        • Careers
        • Partners
        • Contact Us
        • Legal
        Our Mission

        We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

        Subscribe to our Newsletter

        Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

        © 2021 Rubicon Communications, LLC | Privacy Policy