Problem or my mistake..? Policy based Routing 2.0-RC3 [Aug 18, 19:09:20, 2011]
-
Hi,
i have had some problems in policy based routing via static route.
I have configured a additional gateway and set a static route to a remote network in pfsense. To get this route working i have added a firewall rule in LAN tab to direct the traffic for remote network to the static route.
When i set the gateway in Advanced features to the additional gateway (policy based routing), the connection becomes very unstable (ssh connections are disconnected after a few seconds, mysql connections are lost…).
But when i set (let) the gateway configured to default, the system routing table is used and the connection is stable without any connection losts or disconnects.
My Problem is solved now but i want to know if there is a bug in policy based routing or i have misunderstood something.
Thanks,
brick1
-
You do not need policy-based routing for static routes.
You may have introduced some kind of asymmetric routing in the process, especially if that other network is reached via an IP on the same network where the client is.
With the gateway as default, the firewall will send back an ICMP redirect and the client will talk directly to the other router. With PBR, the firewall will try to forward it there on its own.
You probably also want to go to System > Advanced on the Firewall/NAT tab and check the box to bypass firewall rules for directly connected networks.
