Welcome, Guest. Please login or register.
Did you miss your activation email?
+  pfSense Forum
|-+  pfSense English Support» Routing and Multi WAN» multi wan failover -- reset states table
Username:
Password:
 
Home Help Search Login Register
 

Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: multi wan failover -- reset states table  (Read 698 times)
0 Members and 1 Guest are viewing this topic.
bacara
Newbie
*
Offline Offline

Posts: 2


View Profile
« on: April 05, 2012, 03:09:42 am »
Hello everyone,

I am trying to configure multi wan load balancing with pfSense 2.0.1. 
I have two ISP (ISP1 with STATIC addresse and ISP2 with DHCP addresse).
Both failover and load balancing is working fine with http.  But I have some problems with icmp.

In failover mode (for icmp protocol : use ISP2 first and switch to ISP1 if ISP2 is down):

When both links are up, using my windows laptop I do "ping -t 8.8.8.8" and I let it continue.
So far so good, I can see in the states table of pfSense that it's going through ISP2 as expected.
Then I bring down ISP2, and pings start to fail.  It wouldn't bother me if it was only for a few seconds (wait for the states table to be cleared and then send icmp through ISP1).  BUT pings continue to fail because the states table isn't cleared (I checked).  From my understanding it should be cleared when ISP2 becomes down...

The weird thing is that I have also tested with two ISP, BOTH STATIC addresses, and it's working just fine (states table is cleared after a few seconds and icmp is sent through the ISP that is still working).

So I have come to the conclusion that when a wan interface is in DHCP and loses its connectivity to its ISP, the states related to this interface are not removed from the states table. 

Is this possible ?  Am I missing something ?

Here is an other topic about reseting states for failed gateways (http://forum.pfsense.org/index.php/topic,7808.0.html).  It's a bit old and since then improvements have been made but it definatly helped me understand my problem.

Hope someone can help.

Thanks
Logged
jimp
Administrator
Hero Member
*****
Online Online

Posts: 12863



View Profile
« Reply #1 on: April 09, 2012, 02:16:28 pm »
It will kill states for a down gateway by default, but it may depend on how you're monitoring ISP2 in System > Routing. If the monitor IP is actually local and not something on the other end, it may never appear to be down. Or if you have monitoring disabled it can't detect it.

Also on gateway groups, the trigger should almost always be "packet loss or high latency" or it won't kick in.

Make sure under System > Advanced, on the Misc tab at the bottom, that the state killing option is not disabled.
Logged
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Donate to the project | My Wish List
bacara
Newbie
*
Offline Offline

Posts: 2


View Profile
« Reply #2 on: April 10, 2012, 02:27:35 am »
The monitor IP is the next-hop address (public IP of my ISP).  So it is on the other end.  Monitoring is not disabled (default).  And it appears down when I remove the link (I checked Status > Gateways). 

I already chose "packet loss or high latency".

The state killing option is not disabled (default).

Thanks for the help but I already checked all this.  I couldn't think of anything else and that's why I asked for help here.

As I said before, the weird thing is that it did kill states when I changed the configuration of my interface from dhcp mode to static mode (the whole configuration is exactly the same, except for the mode).
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

 

Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Page created in 0.027 seconds with 19 queries.