Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Static routes causing TCP retransmissions

    Routing and Multi WAN
    2
    2
    1.0k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      martin.carruth
      last edited by

      Scenario:
      There are two routers. Router A is the gateway to our MPLS, Router B is the pfsense and is our broadband gateway. Router A is 192.168.2.1, Router B is 192.168.2.254. the LAN of router A is plugged into the LAN of router B. There is a static route in Router B pointing MPLS traffic to router A which then sends it out to the MPLS, and there is a static route on Router A pointing Internet traffic to Router B.

      The issue was identified during the process of setting up failover between the Broadband and the MPLS. For a user at this site there are 3 potential paths that they can use to RDP to a certain server. Path A is using Router A as the gateway, which then goes straight over the MPLS to the server. Path B uses Router B as the gateway and then goes over the broadband connection to a port forward on the other end. Path C uses Router B as the gateway, which then forwards the traffic to Router A via a static route.

      Problem:
      Paths A and B work great. Path C is constantly disconnecting and reconnecting (this is actually happening to several applications, not just RDP). After reviewing a wireshark of each path, Path C using the static route would intermittently have clumps of TCP Retransmissions that that other paths do not have.  Unfortunately we NEED Path C to work, I wanted to know if anyone has seen this issue with Static Routes on the Zywall 5/pfsense or if anyone has any insight. HELP!!

      1 Reply Last reply Reply Quote 0
      • B
        brcisna
        last edited by

        Martin,

        I am still investigating what is exact;ly happening with our pfSense-2.1.4-RELEASE(amd64).
        We are in a  similar situation as your setup,,other than our pfSense is staic routed to an ip phone and a teacher segment lan router that has wokred fine with pfSense-1.2.3 and pfSense-2.0.1 but with pfSense-2.1.4 i am seeing lots of traffic blocked in the fiewrall logs and i am very certain the lan and OPT inerface rules should be passing all traffic,,between lans. If I disable the static route temporarily,,this blocking stops (in the firewall logs)?
        I'm not real smart but if i spend enough time on something i can usually hammer it out.
        What we are suffering from is on a Windows domain dns wins smb is being blocked,,,with this scenario. Not good in a production setting.

        I need to get wireshark on my setup,ro see were the packets are getting confused at.
        I setup two other pfSense machines at two of our other school buildings at the same time,with a  much simpler setup,,and couldnt have been any easier to setup.

        Thanks

        Barry

        1 Reply Last reply Reply Quote 0
        • First post
          Last post