Default gateway switching concern
-
What happens when I "allow default gateway switching" and then have a failover rule in my LAN rules? Are they not conflicting each other? I have two WANs.
-
what happens is , the default gateway gets switched a wan goes down ….
with "allow default gateway switching" disabled, the default gateway stays where it was
-
what happens is , the default gateway gets switched a wan goes down ….
with "allow default gateway switching" disabled, the default gateway stays where it was
Lol, of course that's what it does. The one you said is written in the GUI itself.
What I was asking is what happens when that option is enabled TOGETHER WITH a failover configuration?
-
Nothing happens…
If im not wrong, if you dont enable "allow default gateway switching", when your WAN (that is configured as Default GW) goes Down, all traffic that is not using the "policy routing" rule try to go trough the Default GW.
-
@ptt:
Nothing happens…
If im not wrong, if you dont enable "allow default gateway switching", when your WAN (that is configured as Default GW) goes Down, all traffic that is not using the "policy routing" rule try to go trough the Default GW.
Oh ok. So I think these two instances are redundant when set together? I mean you can just use allow default gateway switching alone and set all traffic to use the default gateway instead of setting up failover, right?
-
Is dificult to me explain it, Eng. is not my mother lang.
I try to explain with this example:
Lets say, you have 2 WAN & LAN, WAN1 is your "Main" connection, WAN2 is your "Backup"
If you have created the GW Group, named "FOGW"; WAN1–> TIER1 & WAN2--> TIER2
and you have WAN1 as "default gateway"
In you LAN rules you have only the "Anti-Lockout Rule" & "Default allow LAN to any rule" ( just as they are when you install pfSense )
- LAN net * * * * none
If you have "allow default gateway switching", in normal condition, all outbound traffic will go trough the Default GW ( WAN1 GW )
when WAN1 goes Down, the Default GW will be switched to WAN2 GW and all your outbound traffic will go trough the Deafult GW taht now is the WAN2 GW.But if you dont set "allow default gateway switching", when WAN1 goes Down, the outbound traffic will try to go out trough the Default GW ( WAN1 GW) and you will loose your "internet ".
If you edit the "Default allow LAN to any rule" and set the GW to your FOGW
- LAN net * * * FOGW none
If you dont set "allow default gateway switching", and WAN1 goes Down, you will not loose your "internet" because now all outbound traffic will go trough WAN2 and its GW.
If you dont set "allow default gateway switching", the only one who will loose its "internet" connection will be the Firewall (you wont be able to install packages / check for updates)
so, is up to you how you will implementing / setting it
-
Thanks for the explanation, I think I understand it now :) So it's still better to enable both setups.
