How do I speed up GW Failover times?



  • I have the three basic GW groups set up "LB"=WAN1+WAN2 both on Tier1, "W1toW2"=WAN1 on Tier1, WAN2 on Tier2, and "W2toW1"=WAN2 on Tier1 and WAN1 on Tier2.

    It works perfectly except that it takes about 20 seconds for pfSense to identify that a GW is down on the standard/default settings. When I try to halve the intervals (down, probe, lost probe) the down GW bounces between offline and pending over and over. I can't seem to figure out what settings I need to tweak to lower the GW down alarm/failover time.

    What are the correct advanced settings or is there any way to cut the time down for a GW to be identified as truly down? I'm using Google (8.8.8.8+8.8.4.4) as my Monitor IPs and that takes about 14ms. I could use others that are closer with a RTT of about 3-6ms if that makes any difference. I'd like to cut the failover time down to about 3-5 seconds if possible, at least chop it down from 20sec to 10sec but 3-5sec is better (if possible).

    Thanks.

    WAN1 is home, cable, DHCP from Cox and WAN2 is FiOS business, static. Happy to provide any other info required. As I said above, the RTT time to both of the Monitor IPs I'm using is about 13-15ms.

    EDIT: Second question/comment - this is my first pfSense-on-a-stick setup, so when an internet connection (GW) goes down (when I turn off the port in the switch) pfSense sees the GW down through the alarm systems but sees the interface as being up (VLAN over LACP between pfSense and switch). Is that a problem, or should I just ignore it?






  • See everything below 'probe interval'.



  • Lower "down", leave the remainder alone. Though take care with what you're doing there. Often making it more sensitive just results in unnecessary and unwanted failover. Getting failover in less than 10 seconds is almost certainly too touchy.