Routing lan ip's through a particular gateway
-
Hi everyone,
I have two broadband connections named,
Wan -> em0
Wan 1 -> bge0 and Dhcp enabled for the client systems.
The problem is now, i want a certain set of ip's in my Lan to go through completely to any one 'Wan' mentioned above.
I've tried using the firewall->rules by putting the set of ip's and Wan gateway and everything, but it doesn't go through the one, i want it to.
I've to tell you guys.. I'm noob when it comes to firewall and things.
-
You just need the rule as you described on LAN, and as the top rule so it's the first match.
-
you're a legend dude, thank you!
Got one more question, how do i use load balancer on this two lines. I always get the latency error on the wan1 line i mentioned above. but wan never gives me latency error.
Please don't direct me to the manual. Put it in simple words like before!
-
You mean like apinger alarm delay?
What type of connection are your two WANs?You can tune apinger for connections that have high pings, I believe the default is 200ms.
Go to System: Routing: , edit your WAN1 gateway, click advanced. Enter new, higher latency thresholds.
Of course you may actually have a problem with the connection. ;)
Steve
-
Yup exactly steve.. I thought, I fooled around with the settings.
Looks like a connection error as you said. thank god
I've two broadband one's (optic fiber). 1st is 2-mbps and 2nd one 1-mbps and around 60 clients!
Thanks a lot!
-
Yup exactly steve.. I thought, I fooled around with the settings.
Looks like a isp error as you said. thank god
Thanks a lot!
Guys my pfsense (2.0.1-RELEASE (amd64)) constantly crashes 3 to 4 times everyday. I've submitted the crash report n number of times, my ip is -172-31-144-7,
Please look into it and tell me what to do!
Thanks in advance! -
That's not your IP, or at least not your globally-routable IP, that's RFC 1918. What's your real IP?
-
@cmb:
That's not your IP, or at least not your globally-routable IP, that's RFC 1918. What's your real IP?
Dude that is my LAN/pfsense Ip, I was trying not post my real ip by replacing the "." by "-". lol my bad!
WAN1 = 111.93.153.198
WAN2 = 220.227.74.81!
Anyways: below is the crash report–>
Crash report begins. Anonymous machine information:
amd64
8.1-RELEASE-p6
FreeBSD 8.1-RELEASE-p6 #0: Mon Dec 12 18:09:12 EST 2011 root@FreeBSD_8.0_pfSense_2.0-AMD64.snaps.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_Dev.8Crash report details:
Filename: /var/crash/bounds
1Filename: /var/crash/info.0
Dump header from device /dev/ad1s1b
Architecture: amd64
Architecture Version: 1
Dump Length: 123904B (0 MB)
Blocksize: 512
Dumptime: Fri Mar 15 11:20:13 2013
Hostname: pfsense.localhost
Magic: FreeBSD Text Dump
Version String: FreeBSD 8.1-RELEASE-p6 #0: Mon Dec 12 18:09:12 EST 2011
root@FreeBSD_8.0_pfSense_2.0-AMD64.snaps.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_Dev.8
Panic String: Most recently used by mbuf_tagDump Parity: 2974555650
Bounds: 0
Dump Status: goodFilename: /var/crash/textdump.tar.0
ddb.txt 0600 0 0 140000 12120533225 7065 ustar root wheel db:0:kdb.enter.default> run lockinfo
db:1:lockinfo> show locks
shared rm PFil hook read/write mutex (PFil hook read/write mutex) r = 0 (0xffffffff81347cc8) locked @ /usr/pfSensesrc/src/sys/net/pfil.c:78
db:1:locks> show alllocks
Process 12 (intr) thread 0xffffff00022fbba0 (64019)
shared rm PFil hook read/write mutex (PFil hook read/write mutex) r = 0 (0xffffffff81347cc8) locked @ /usr/pfSensesrc/src/sys/net/pfil.c:78
db:1:alllocks> show lockedvnods
Locked vnodes
db:0:kdb.enter.default> show pcpu
cpuid = 0
dynamic pcpu = 0x4a5a80
curthread = 0xffffff00022fbba0: pid 12 "swi5: +"
curpcb = 0xffffff800007ed40
fpcurthread = none
idlethread = 0xffffff00022ec3e0: pid 11 "idle: cpu0"
curpmap = 0
tssp = 0xffffffff8139ed80
commontssp = 0xffffffff8139ed80
rsp0 = 0xffffff800007ed40
gs32p = 0xffffffff8139dbb8
ldt = 0xffffffff8139dbf8
tss = 0xffffffff8139dbe8
spin locks held:
db:0:kdb.enter.default> bt
Tracing pid 12 tid 64019 td 0xffffff00022fbba0
kdb_enter() at kdb_enter+0x3d
panic() at panic+0x17b
mtrash_ctor() at mtrash_ctor+0x84
uma_zalloc_arg() at uma_zalloc_arg+0x2ee
malloc() at malloc+0x9a
m_tag_alloc() at m_tag_alloc+0x5c
pf_test() at pf_test+0x1ba
pf_check_in() at pf_check_in+0x39
pfil_run_hooks() at pfil_run_hooks+0xd2
ip_input() at ip_input+0x388
netisr_dispatch_src() at netisr_dispatch_src+0xb8
ether_demux() at ether_demux+0x18d
ether_input() at ether_input+0x195
re_rxeof() at re_rxeof+0x3e8
re_int_task() at re_int_task+0x1b8
taskqueue_run() at taskqueue_run+0x91
intr_event_execute_handlers() at intr_event_execute_handlers+0x66
ithread_loop() at ithread_loop+0xb2
fork_exit() at fork_exit+0x12a
fork_trampoline() at fork_trampoline+0xe
--- trap 0, rip = 0, rsp = 0xffffff800007ed30, rbp = 0 ---
db:0:kdb.enter.default> ps
pid ppid pgrp uid state wmesg wchan cmd
35193 39137 39137 0 S accept 0xffffff00470bcdae php
2112 43952 25 0 S nanslp 0xffffffff81180a28 sleep
39256 38018 38018 0 S accept 0xffffff000288e85e php
38239 38018 38018 0 S accept 0xffffff000288e85e php
12983 39137 39137 0 S accept 0xffffff00470bcdae php
24693 31205 31205 0 S piperd 0xffffff00027df000 rrdtool
33598 31631 33598 0 S+ ttyin 0xffffff000269a0a8 sh
31631 31006 31631 0 S+ wait 0xffffff000291e8c0 sh
31006 1 31006 0 Ss+ wait 0xffffff000275a000 login
27231 1 27231 0 Ss nanslp 0xffffffff81180a28 minicron
26614 1 26614 0 Ss nanslp 0xffffffff81180a28 minicron
26319 1 26319 0 Ss nanslp 0xffffffff81180a28 minicron
51260 1 51260 0 Ss nanslp 0xffffffff81180a28 cron
43952 1 25 0 S+ wait 0xffffff0002896000 sh
25322 1 25322 0 Ss (threaded) mpd4
64135 S select 0xffffff000274d640 mpd4
24283 1 24283 0 Ss select 0xffffff000274dd40 ntpd
1917 1 25 123 S+ select 0xffffff00028ed740 ntpd
56348 1 56214 65534 S select 0xffffff00028ecbc0 dnsmasq
50089 1 50089 1002 Ss select 0xffffff00027806c0 dhcpd
39137 37280 39137 0 Ss wait 0xffffff0002fbd8c0 initial thread
38018 37280 38018 0 Ss wait 0xffffff0047091000 initial thread
37280 1 36934 0 S kqread 0xffffff0002a5a400 lighttpd
31205 1 31205 0 Ss select 0xffffff0002f76cc0 apinger
23546 1 23546 0 Ss select 0xffffff00027829c0 inetd
22835 20223 22835 0 Ss (threaded) sshlockout_pf
64121 S nanslp 0xffffffff81180a28 sshlockout_pf
64106 S piperd 0xffffff0002f532d8 initial thread
22802 1 22802 0 Ss select 0xffffff00028ed140 sshd
20223 1 20223 0 Ss select 0xffffff00027809c0 syslogd
15507 1 25 0 S+ piperd 0xffffff000290e000 logger
15437 1 25 0 S+ bpf 0xffffff0002da9a00 tcpdump
272 1 272 0 Ss select 0xffffff0002781040 devd
261 259 259 0 S kqread 0xffffff000278fa00 check_reload_status
259 1 259 0 Ss kqread 0xffffff00027eee00 check_reload_status
40 0 0 0 SL mdwait 0xffffff0002738000 [md0]
24 0 0 0 SL flowclea 0xffffffff81342010 [flowcleaner]
23 0 0 0 SL sdflush 0xffffffff81364778 [softdepflush]
22 0 0 0 SL syncer 0xffffffff81341d20 [syncer]
21 0 0 0 SL vlruwt 0xffffff0002750460 [vnlru]
20 0 0 0 SL psleep 0xffffffff81341848 [bufdaemon]
19 0 0 0 SL pollid 0xffffffff8117f868 [idlepoll]
18 0 0 0 SL pgzero 0xffffffff8136620c [pagezero]
17 0 0 0 SL psleep 0xffffffff813655a8 [vmdaemon]
16 0 0 0 SL psleep 0xffffffff8136556c [pagedaemon]
9 0 0 0 SL ccb_scan 0xffffffff81145fe0 [xpt_thrd]
8 0 0 0 SL pftm 0xffffffff80206b50 [pfpurge]
7 0 0 0 SL waiting_ 0xffffffff8134dd60 [sctp_iterator]
15 0 0 0 SL (threaded) usb
64054 D - 0xffffff8000309dd0 [usbus4]
64053 D - 0xffffff8000309d78 [usbus4]
64052 D - 0xffffff8000309d20 [usbus4]
64051 D - 0xffffff8000309cc8 [usbus4]
64050 D - 0xffffff8000300ef0 [usbus3]
64049 D - 0xffffff8000300e98 [usbus3]
64048 D - 0xffffff8000300e40 [usbus3]
64047 D - 0xffffff8000300de8 [usbus3]
64045 D - 0xffffff80002f7ef0 [usbus2]
64044 D - 0xffffff80002f7e98 [usbus2]
64043 D - 0xffffff80002f7e40 [usbus2]
64042 D - 0xffffff80002f7de8 [usbus2]
64040 D - 0xffffff80002eeef0 [usbus1]
64039 D - 0xffffff80002eee98 [usbus1]
64038 D - 0xffffff80002eee40 [usbus1]
64037 D - 0xffffff80002eede8 [usbus1]
64035 D - 0xffffff80002e5ef0 [usbus0]
64034 D - 0xffffff80002e5e98 [usbus0]
64033 D - 0xffffff80002e5e40 [usbus0]
64032 D - 0xffffff80002e5de8 [usbus0]
14 0 0 0 SL - 0xffffffff81180704 [yarrow]
6 0 0 0 SL crypto_r 0xffffffff813635a0 [crypto returns]
5 0 0 0 SL crypto_w 0xffffffff81363560 [crypto]
4 0 0 0 SL - 0xffffffff8117c508 [g_down]
3 0 0 0 SL - 0xffffffff8117c500 [g_up]
2 0 0 0 SL - 0xffffffff8117c4f0 [g_event]
13 0 0 0 SL (threaded) ng_queue
64011 D sleep 0xffffffff810f4cd0 [ng_queue1]
64010 D sleep 0xffffffff810f4cd0 [ng_queue0]
12 0 0 0 RL (threaded) intr
64060 I [swi0: uart]
64059 I [irq1: atkbd0]
64058 I [irq7: ppc0]
64057 I [irq14: ata0]
64046 I [irq16: uhci3]
64041 I [irq18: em0 uhci2]
64036 I [irq19: uhci1+]
64031 I [irq23: uhci0 ehci0]
64030 I [irq257: bge1]
64029 I [irq256: bge0]
64028 I [irq9: acpi0]
64026 I [swi2: cambio]
64022 I [swi6: task queue]
64021 I [swi6: Giant taskq]
64019 Run CPU 0 [swi5: +]
64009 I [swi4: clock]
64008 I [swi4: clock]
64007 I [swi3: vm]
64006 I [swi1: netisr 0]
11 0 0 0 RL (threaded) idle
64005 CanRun [idle: cpu0]
64004 Run CPU 1 [idle: cpu1]
1 0 1 0 SLs wait 0xffffff00022e98c0 [init]
10 0 0 0 SL audit_wo 0xffffffff81363ad0 [audit]
0 0 0 0 SLs (threaded) kernel
64056 D - 0xffffff0002611780 [em1 taskq]
64055 D - 0xffffff000260b880 [em0 taskq]
64027 D - 0xffffff000242dd80 [kqueue taskq]
64025 D - 0xffffff0002490200 [acpi_task_2]
64024 D - 0xffffff0002490200 [acpi_task_1]
64023 D - 0xffffff0002490200 [acpi_task_0]
64020 D - 0xffffff00023d3700 -
Looks like memory exhaustion, perhaps mbufs, see http://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards and raise nmbclusters as described there.
-
Looks like memory exhaustion, perhaps mbufs, see http://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards and raise nmbclusters as described there.
Thanks for that admin!
will try it and post the results later!
-
Guys,
Changed the mbuf to the recommended and there were no more crashes till now. really happy, thanks a lot!
Just installed to pfsense 2.0.3 (i386) on a another rig and got a problem now every time pfsense boot ups it gets stuck or takes time at
"Starting up the NTP client" for about 5 to 10 minutes and then boots up properly.I tried stopping NTP service at the webgui but no luck! Is there any way to stop it permanently or is it just like that.!?
Neways…........Pf-sense rocks!
-
Have you tried a different NTP server? I'm not seeing a noticeable delay with the Mar 13 snapshot on x64. I'm using my ISP's NTP server a couple hops away instead of a more distant one.
-
Have you tried a different NTP server? I'm not seeing a noticeable delay with the Mar 13 snapshot on x64. I'm using my ISP's NTP server a couple hops away instead of a more distant one.
Thanks for that stan, Figured out, it was caused by the failed CMOS battery on the system! Changed it and the time in the bios, no more issues!
Thank you guys!