Failover + static routing

  • Hello Guys,
    I had a weird problem with the following setup:

    • pfSense 2.0-rc1, 5 interfaces (1 E1000 + 4x100Mbit Sun Happy Meal);
    • 2 WANs and 2 LANs (1 interface is off);
    • 1 low cost ISP connection (WAN 1) is dedicated to surfing (it's high speed but not very reliable);
    • 1 expensive but slower ISP connection (WAN 2) is dedicated to VPN access to/from external net/users and access to mail services;

    My goal was to have WAN1 be able to fail over to WAN2 in case of problems on WAN1 so that the local users will continue their browsing, just at lower speed.
    I need to have static routes from LAN to specific hosts since some external hosts require connection from the WAN2 interface address.

    The set up was made by using a gateway group while using firewall rules and advanced option to direct specific traffic from LAN through WAN2 for specific hosts.

    The setup was working apart from a very annoying side effect: the connections using the WAN2 gateway as per rules were extremely slow, I'm talking about 5kbit/s.
    I tested the failover and it worked very well (about 5 to 10 pings lost before failover occurs).
    I have a couple of hosts just outside WAN2 and on its subnet, and pinging showed no delay, while sending more "heavy" traffic (like email with attachments) produced a very slow connection.
    Now I reverted to normal static routes and manual failover.

    I wonder if anybody has some clue on what I missed.

    Thank you for the time you spent reading about my problem.


