Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: arubenstein on February 22, 2026, 04:15:13 PM

Title: Single gateway monitoring IP
Post by: arubenstein on February 22, 2026, 04:15:13 PM
About ten years ago, someone posted this:

https://forum.opnsense.org/index.php?topic=3974.msg14153#msg14153

Essentially, they asked why you couldn't specify the same IP on multiple gateway monitors. I've always wondered this too. The answer given in that post isn't entirely accurate. dpinger can definitely do this, with the -B command (which is already used). Here is my proofs:

In two different windows, I run:

Code Select
window 1: tcpdump -i ix1 host 8.8.8.8
window 2: tcpdump -i igb0 host 8.8.8.8

then I run the following:

Code Select
root@fw1:~ # dpinger -f -B 100.91.121.144 8.8.8.8
and

Code Select
root@fw1:~ # dpinger -f -B 216.220.92.80 8.8.8.8

this is the result I see in the tcpdump windows

window 1:

Code Select
root@fw1:~ # tcpdump -i ix1 host 8.8.8.8
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on ix1, link-type EN10MB (Ethernet), snapshot length 262144 bytes
10:02:01.129175 IP 216.220.92.80 > dns.google: ICMP echo request, id 8483, seq 15, length 8
10:02:01.131229 IP dns.google > 216.220.92.80: ICMP echo reply, id 8483, seq 15, length 8
10:02:01.629594 IP 216.220.92.80 > dns.google: ICMP echo request, id 8483, seq 16, length 8
10:02:01.631648 IP dns.google > 216.220.92.80: ICMP echo reply, id 8483, seq 16, length 8
10:02:02.715829 IP 216.220.92.80 > dns.google: ICMP echo request, id 27100, seq 0, length 32
10:02:02.717876 IP dns.google > 216.220.92.80: ICMP echo reply, id 27100, seq 0, length 32

window 2:

Code Select
root@fw1:~ # tcpdump -i igb0 host 8.8.8.8
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on igb0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
10:02:06.750199 IP 100.91.121.144 > dns.google: ICMP echo request, id 13418, seq 0, length 8
10:02:06.796505 IP dns.google > 100.91.121.144: ICMP echo reply, id 13418, seq 0, length 8
10:02:07.250663 IP 100.91.121.144 > dns.google: ICMP echo request, id 13418, seq 1, length 8
10:02:07.300514 IP dns.google > 100.91.121.144: ICMP echo reply, id 13418, seq 1, length 8
10:02:07.752011 IP 100.91.121.144 > dns.google: ICMP echo request, id 13418, seq 2, length 8
10:02:07.813853 IP dns.google > 100.91.121.144: ICMP echo reply, id 13418, seq 2, length 8
So, in essence, it would seem this work just fine if the UI would allow it.

In my opinion, I'd rather dpinger / gateway monitoring be monitoring the same IP I specify "out on the net" to test gateway viability, rather than just the other end of the connection or whatever. This doesn't really test internet reachibility.

Can this change be considered?  A further enhancement would be the ability to set more than one IP to monitor, which is a common feature on other firewalls.

Thanks for your consideration!
Title: Re: Single gateway monitoring IP
Post by: Patrick M. Hausen on February 22, 2026, 04:19:58 PM
Best open a feature request on Github.
Title: Re: Single gateway monitoring IP
Post by: arubenstein on February 22, 2026, 04:31:26 PM
Quote from: Patrick M. Hausen on Today at 04:19:58 PMBest open a feature request on Github.

Ah thanks for the pointer. I shall do so.
Text only | Text with Images