Netgate Discussion Forum

    MultiWAN failover partially successful

    Routing and Multi WAN
      mcampbell

      So I have a weird problem.  I've got a multi-WAN (+ CARP) setup on pfSense 2.1-Release, which has been working beautifully for a long time now.  Today, I had a failure of one of my WANs for the space of 10 minutes, and so normally, it's supposed to redirect all traffic over to the other WAN.  However, it didn't quite work out like that this time.  When the connection died, my PC was successfully redirected to the other WAN, and I believe most other PCs in the office were able to use the other WAN connection as well; but the pfSense box itself had trouble finding the latest version on its dashboard (even though in diagnostic -> ping, "www.google.com" works just fine on the "default" interface), and all of our office phones (Cisco VOIP phones that connect to an external provider) were unable to reconnect to the other WAN connection (even after a power cycle of the phone).  In the past, these phones have automatically switched over on their own about 90% of the time after a brief disconnect, and certainly would after a power cycle.

      I am at a loss as to how this has come to be, as the only culprits I can think of would cause an all-or-none scenario, not this partial some-devices-but-not-others scenario.  Any ideas?

        timthetortoise

        What does your failover rule look like? Most likely you need a floating WAN rule to handle your pfSense box's traffic, as it will likely take the default gateway (I'm assuming that's the connection that was down).

          mcampbell

          WAN2 was the one that went down.  I know it's a little weird, but I have WAN as my default gateway, yet WAN2 is the one where most traffic goes out, due to the weight & tier settings in the Gateway group below.  That aspect of it is working the way I want/expect it to.

          Here are my settings:

          WAN connection:				Triple bonded T1s		- 4.5Mbps up & down
          WAN2 connection:			Business class Cable modem	- 50Mbps down/5Mbps up
          
          WAN Gateway Settings:
          -------------------------------
          Address Family				IPv4
          Gateway IP address			208.x.x.169
          Default Gateway				Checked
          Disable Gateway Monitoring		Not Checked
          Monitor IP	 			
          Weight					1
          
          WAN2 Gateway Settings:
          -------------------------------
          Address Family				IPv4
          Gateway IP address			71.x.x.17
          Default Gateway				Not Checked
          Disable Gateway Monitoring		Not Checked
          Monitor IP	 			8.8.8.8
          Weight					5
          
          Gateway Group MultiWANFailover Settings:
          ------------------------------------------------------
          Gateway Priority			WANGW		Tier 2		wan_vip3 - 208.x.x.170
          					WAN2GW		Tier 1		opt1_vip4 - 71.x.x.18
          Trigger Level				Member Down
          

          As far as floating WAN rules, I'm not sure what you mean; all that's in my floating firewall rules is autogenerated rules for my VOIP & P2P queues…  I haven't made any changes to my firewall rules in some time, and it used to work fine.  Do you want a complete posting of my firewall rules?

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.