Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    States not cleared on WAN IP change

    Scheduled Pinned Locked Moved NAT
    2 Posts 2 Posters 1.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K Offline
      kswtch
      last edited by

      Hello,

      when a PPPOE WAN interface reconnects and gets a new IP address not all states are cleared.

      I have three pfSense firewalls with the setup described in this picture:

      pfSense version on all three firewalls is: 2.1-RELEASE

      pfSense C connects via PPPOE to a provider getting a dynamic public IP address.
      pfSense A and B have pfSense C configured as a failover gateway. The monitoring IP is an IP address of the provider. This is done to detect and change gateways on high latency on the internet connection. On pfSense C you can clearly see the apinger ICMP states. (Third and second from the bottom)

      Whenever pfSense C is getting a new IP address (at least once a day) the apinger states are kept with the old public ip address in it. This causes the apinger instances on A and B to display "gateway down" although C is up again with a new IP. The only solution is to clear the states on C or restart apinger on A and B.
      This only happens when there is a PPPOE disconnect (manual or forced by the provider) on the WAN interface. If the interface is brought down by removing the ethernet cable all states are correctly cleared.
      I also unchecked the "State Killing on Gateway Failure":

      Is there any way I can make sure all states are cleared when the PPPOE WAN interface is assigned a new IP address?

      Thanks,
      Daniel

      1 Reply Last reply Reply Quote 0
      • S Offline
        simont
        last edited by

        Hi,

        I have the same problem, I searched the forum and there is some info but not a precise way to solve this issue.
        What I cannot understand is the reason why there isn't a way to add this feature " clear all states when WAN IP recover" officially

        However, if anyone has news on this it will be appreciated.

        The only topic I found that's interesting, but I have not tested the solution yet, is this:

        https://forum.pfsense.org/index.php?topic=65004.0

        I don't know if this can help

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.