Text only | Text with Images

OPNsense Forum

Archive => 20.7 Legacy Series => Topic started by: afan on January 24, 2021, 11:50:53 AM

Title: [Resolved] Gateways group: stuck on "pending"
Post by: afan on January 24, 2021, 11:50:53 AM
Hi guys,

I'm trying to configure two Gateway groups (dual-WAN) but both are stuck at "Pending" state.
What I did:
- Add a Tier 1 and a Tier 2 for the GW group
- Trigger level: member down
- Apply changes

When Googling I understand this could be related to the fact that a "monitor" is missing. Well, that might be true, but:
1. Where can this monitor be added?
2. Coming from pfSense, no such monitor was required (for "member down" at least) - does anyone know the reason why OPNsense would require these?

Thanks!
Title: Re: Gateways group: stuck on "pending"
Post by: Greelan on January 24, 2021, 12:01:22 PM
This should help: https://docs.opnsense.org/manual/how-tos/multiwan.html

The monitoring is so that OPNsense knows when to failover
Title: Re: Gateways group: stuck on "pending"
Post by: Greelan on January 24, 2021, 12:05:30 PM
PS - pfSense does employ the same idea: https://docs.netgate.com/pfsense/en/latest/routing/gateway-configure.html
Title: Re: Gateways group: stuck on "pending"
Post by: afan on January 24, 2021, 02:14:04 PM
System: Gateways: Single indeed shows options to add a monitor IP for a particular GW.
Apparently the gateway from my ISP doesn't allow ping.
First I added the Google DNS server for this (8.8.8.8 ), hoping this one will allow pings for eternity :)

A bit odd since "Disable Gateway Monitoring" was on for me (so I'd assume, given the help text of "This will consider this gateway as always being "up"", the GW group would not show "pending").

And also strange that the same public IP address cannot be used twice for GW monitoring of different gateways: "The monitor IP address "8.8.8.8" is already in use. You must choose a different monitor IP.". I chose 8.8.4.4 for the 2nd GW but then reverted to my ISP's DNS servers, which seem to be pingable.

Both GWs in both GW groups show up as "Online" now, thanks!

When comparing to pfSense: apparently there no state is provided and if the status cannot be determined, it would be considered as "up", at least on OPNsense per the below Monit feedback:

Code Select
Program 'gateway_alert'
  status                       Status failed
  monitoring status            Monitored
  monitoring mode              active
  on reboot                    start
  last exit value              1
  last output                  Gateways status could not be determined, considering all as up/active. (Group: GWGMemberdown_ISP1)
                               Gateways status could not be determined, considering all as up/active. (Group: GWGMemberdown_ISP2)
  data collected               Sun, 24 Jan 2021 13:23:54
Title: Re: [Resolved] Gateways group: stuck on "pending"
Post by: Greelan on January 24, 2021, 05:48:49 PM
Quote from: afan on January 24, 2021, 02:14:04 PM

And also strange that the same public IP address cannot be used twice for GW monitoring of different gateways: "The monitor IP address "8.8.8.8" is already in use. You must choose a different monitor IP.". I chose 8.8.4.4 for the 2nd GW but then reverted to my ISP's DNS servers, which seem to be pingable.


https://forum.opnsense.org/index.php?topic=3974.msg14152#msg14152
Text only | Text with Images