4. MultiWAN failover partially successful

MultiWAN failover partially successful

  • M

    So I have a weird problem.  I've got a multi-WAN (+ CARP) setup on pfSense 2.1-Release, which has been working beautifully for a long time now.  Today, I had a failure of one of my WANs for the space of 10 minutes, and so normally, it's supposed to redirect all traffic over to the other WAN.  However, it didn't quite work out like that this time.  When the connection died, my PC was successfully redirected to the other WAN, and I believe most other PCs in the office were able to use the other WAN connection as well; but the pfsense box itself had trouble finding the latest version on its dashboard (even though in diagnostic -> ping, "www.google.com" works just fine on the "default" interface) , and all of our office phones (Cisco VOIP phones that connect to an external provider) were unable to reconnect to the other WAN connection (even after a power cycle of the phone).  In the past, these phones have automatically switched over on their own about 90% of the time after a brief disconnect, and certainly would after a power cycle.

    I am at a loss as to how this has come to be, as the only culprits I can think of would cause an all-or-none scenario, not this partial some-devices-but-not-others scenario.  Any ideas?

    0
  • T

    What does your failover rule look like? Most likely you need a floating WAN rule to handle your pfSense box's traffic, as it will likely take the default gateway (I'm assuming that's the connection that was down).

    0
  • M

    WAN2 was the one that went down.  I know it's a little weird, but I have WAN as my default gateway, yet WAN2 is the one where most traffic goes out, due to the weight & tier settings in the Gateway group below.  That aspect of it is working the way I want/expect it to.

    Here's my settings:

    WAN connection:				Triple bonded T1s		- 4.5Mbps up & down
WAN2 connection:			Business class Cable modem	- 50Mbps down/5Mbps up

WAN Gateway Settings:
-------------------------------
Address Family				IPv4
Gateway IP address			208.x.x.169
Default Gateway				Checked
Disable Gateway Monitoring		Not Checked
Monitor IP	 			
Weight					1

WAN2 Gateway Settings:
-------------------------------
Address Family				IPv4
Gateway IP address			71.x.x.17
Default Gateway				Not Checked
Disable Gateway Monitoring		Not Checked
Monitor IP	 			8.8.8.8
Weight					5

Gateway Group MultiWANFailover Settings:
------------------------------------------------------
Gateway Priority			WANGW		Tier 2		wan_vip3 - 208.x.x.170
					WAN2GW		Tier 1		opt1_vip4 - 71.x.x.18
Trigger Level				Member Down

    As far as floating WAN rules, I'm not sure what you mean, all that's in my floating firewall rules is autogenerated rules for my VOIP & P2P queues…  I haven't made any changes to my firewall rules in some time, and it used to work fine.  Do you want a complete posting of my firewall rules?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy