Load balancer monitoring
-
Hello,
There is something i dont understand with the monitoring of connections in a loadbalancing pool
i have two wan connections (WAN and OPT1), and in the load balancer section i create a pool with this configuration:
WAN: WAN's gateway monitoring ip
OPT1: OPT1's gateway monitoring ipi do some tests by unpluging one link and see what happens, and it seems to work but there is a problem because with this monitoring method we cant detect a link failure that happens after the gateway (and it is often the case).
so i decide to change the monitoring ips by others available on the internet, my load balancer configuration is now like this:
WAN: monitoring ip -> 194.2.0**.20**
OPT1: monitoring ip -> 194.2.0**.50**i do another test by unpluging the WAN connection, but i notice a strange thing, the system ping the WAN's monitoring ip (194.2.0**.20**) by the OPT1 interface, and it will never detect WAN link failure…
i have tried to add two static route that specified 194.2.0**.20** is available by the WAN's gateway and 194.2.0**.50** by the OPT1's gateway, but no effects…
system change my static route to access the 194.2.0**.20** by the OPT1 interface, and never detect WAN failure…thanks in advance for your help.
-
Dont use monitor IP's that are in your local subnet.
You should do a traceroute from each of your WANs and take the next hop of your ISP as monitoring IP.
The static route to the monitor ip is not necessary since it gets added automatically behind the scene. -
Dont use monitor IP's that are in your local subnet.
You should do a traceroute from each of your WANs and take the next hop of your ISP as monitoring IP.
The static route to the monitor ip is not necessary since it gets added automatically behind the scene.i dont use local ip for monitoring, 194.2.0.20 and 194.2.0.50 are public ip available for everyone on internet.
i will try with the next hop gateway for each connection. -
no i have the same problem with the next hop gateway !!
if the WAN going down the system access the WAN's monitoring ip by the OPT1 interface… -
hmmm.
Could you draw a diagram of how your network is set up?Are your two WAN's in the same subnet? (aka. same ISP)?
-
hmmm.
Could you draw a diagram of how your network is set up?Are your two WAN's in the same subnet? (aka. same ISP)?
i will try to create a diagram.
my two wan are in different network (different ISP).
i have forgot to say that i am in a cluster configuration and when the WAN connection go down it is the slave that become master, but i dont think the problem is related to the cluster… -
here is my setup:
-
ok so in fact the problem is related to the cluster, because i have tried with only one pfsense and if WAN go down the monitoring system detect the failure…
to give more informations about this problem, in cluster mode, if WAN go down the backup pfsense become the master and on the new master there is a problem to detect the WAN link failure because it monitor by the OPT1 interface !
and on the old master which is now the backup it monitor correctly the link failure !
-
i have a perl script started in background to change the default route to the current available gateway, so when my WAN connection go down it replace the default gateway by the OPT1's gateway, and it seems this cause my problem of monitoring…
it is strange, i dont understand why this modification influence the monitoring system...
