Today i noticed many people use: https/http(option to regexp for validating data), dns(google!), ping, interface up/down.

Is there a way to add https and dns to the ping method of interface up/down? We've found that icmp is very unreliable due to the fact most people QOS it way down (ping floods,etc). A long time ago we had a bad gigabit nic card in another isp's peering router - the pings were fine because the default ping was small - but when the packet was large - 20-30% failure. Simple pinging doesn't work well - and as you know HTTPS traffic is very intolerant to interface flipping (unless you have multi-homed with portable IP's but we wouldn't be here in that case). So we moved to http - (best i had) - but https would be even better since the CDN we use supports it. Test every 60s - if fail, try 5 more times every 5 seconds - if less than 3 success - down interface for a minute. Dns likewise could be used to nail 8.8.8.8 - it's generally always up - If anyone can help here i'd be greatful (to payful$!).

Next thing up : Anyone have a real simple example of pfsense 2.0 in multi-wan?

1. T-1 hosts servers that require high uptime SLA apps (dual t-1's on single cisco for a little bit of redundancy) (16ip)
2. Comcast business (5ip)

1. Some apps have to run the T-1 due to ip filtering.
2. Some apps have to run on Comcast due to ip filtering.
3. Mail is bound to the T-1 due to negativity aginst comcast ip's.
3. Certain natted ip's are bound to T-1 or comcast just because.
4. Certain protocols are bound to comcast (https/http/ftp) due to the high speed (100meg down/10 up) but should failover only when comcast is down.
5. I have 1 RDP port punched through both networks (i know bad - i will use port knocking soon as i get this bugger up). simple NAT every RDP is running on a unique port.

question: Anyone got a sample list of configuration to make this work? ( willing to donate $$ to any cause paypal pm or email me)
Question: Sticky connections yes or no?
Question: Any way to get more robust interface up/down - i've found aggressive settings result in too much interface flapping.
Question: We run this in vmware - is it difficult or expensive (ip cost) to run CARP by running two copies? Dual-wan - carp - but i have no extra internet IP's left. Got the vm hooked to cpu 0 affinity, reserved mhz,ram, vmtools,ram affinity (numa westmere cpu's) - hopefully keep the clock drift down? Can carp work with 3 vm hosts? one per?

PM me if you can help - we can pay or trade gear (have alot of cool hardware) - i'm not rich but hey maybe you want a new tablet or video card that I have for your time.

Has anyone every tried vmotion on pfsense with dual wan? I could use vmotion to migrate to the other vmware host when i need to reboot it (patches or hardware upgrades)?

Thanks!