Dual WAN w/ DHCP workaround - DNS problems?
-
I have set up my pfSense box I have the T1 (static) as my primary WAN, I also have a Cable modem which gives me an address via DHCP.
After reading the forums I learned that dual WAN balancing / FO doesn't work right with DHCP. So I put a Win 2003 server box with RRAS between the Cable modem and the pfsense box. The problem is that even now with a psuedo static ip config on the OPT1 (cable/win2k3) I get problems loading webpages when load balancing is enabled.I have tried adding static routes for the DNS servers and that doesn't help.
Current config.
WAN 209.198.103.165 - gateway 209.198.103.161
LAN 192.168.1.1
OPT1 10.0.0.2 - gateway (Win2003 box) 10.0.0.1DNS 4.2.2.1 and 4.2.2.2
static route for dns is:
4.2.2.1 -> 209.198.103.161
4.2.2.2 -> 10.0.0.1Here are my Firewall rules on the LAN interface
Proto Source Port Destination Port Gateway Description
TCP LAN net * HTTPS * *
TCP LAN net * 127.0.0.1 * * Outgoing FTP Traffic
TCP LAN net * * 25 (SMTP) *- LAN net * * * Cable LoadBalance T1
- LAN net * * * Cable Failover T1
the last 2 are the pools I set up in the load balancer
the monitor ip for the OPT1 on both pools is 73.195.28.1 which is the first hop out of the win2k3 box
the monitor ip on the WAN for both pools 209.198.103.161Like I said above with this setup I get problems loading webpages
looks like a DNS issue to me.What am I doing wrong here. Since I put in the Router/windows box in front of the Cable it doesn't work any better than when I tried plugging the cable directly into the pfsense box.
BTW both interfaces are marked up and I can surf the internet on the Windows RRAS box via terminal services through the private network behind the pfSense box.
Also I am using 1.0.1-SNAPSHOT-02-27-2007
built on Mon Mar 5 12:08:17 EST 2007I did update this from 1.0.1 via the firmware update in the WebGUI. I have read about that messing things up, do I need to install from scratch? (I don't want to do that if possible)
-
http://forum.pfsense.org/index.php/topic,3501.msg21365.html#msg21365
-
I have deleted all pools and firewall rules that were referencing the pools and rebuilt them in many different ways since the Snapshot upgrade.
Any other ideas?
-
The static route for the dns server at wan is not needed as this is covered by the default route. Remove it. This shouldn't mess things up though.