OPNsense Forum

Archive => 16.7 Legacy Series => Topic started by: joer on August 01, 2016, 04:32:02 pm

Title: [SOLVED] Multi WAN and Failover
Post by: joer on August 01, 2016, 04:32:02 pm
Afternoon all,

Sorry if this is a silly question; I haven't been able to find an answer elsewhere.

I've got a lovely MITX rackmount system running 16.7 in our cabinet and have a Multi-WAN setup.

I have a gateway group with two FTTC lines on Tier 1, load balancing brilliantly.  I also have a 4G mobile connection on Tier 2 as a failover, which is also online and pinging constantly.

My question is this:

If one of the Tier 1 lines fails, does the Tier 2 gateway kick in?  Or does it wait for both Tier 1 members to fail?  I'd prefer the latter.

What's the best way to check which lines are being used?

Thanks!
Title: Re: Multi WAN and Failover
Post by: franco on August 03, 2016, 01:22:29 pm
Hi Joe,

I checked the code: yes, all gateways of tier 1 must be "triggering" before tier 2 kicks in.

It depends on your policy, or whether you do load balancing, sticky connections, etc.

The simplest solution is monitoring the gateway status through the widget on the firewall itself as this can say precisely which connection is up / down.

You may be able to monitor how each gateway works in terms of traffic throughput from the Insight or Health graphs.


Cheers,
Franco
Title: Re: Multi WAN and Failover
Post by: joer on August 10, 2016, 02:44:36 pm
Thanks for the reply, much appreciated.  Just what I needed to hear!

I've watched the graphs and it's happening as you describe.

Just out of curiosity, I found something over at pfSense that said it's only possible to load balance a maximum of two WANs.  Is this the case with OPNsense?

Thanks again.
Title: Re: Multi WAN and Failover
Post by: franco on August 11, 2016, 09:58:29 am
Phew, good. :)

As far as I can see, the load balance firewall rules use any number of configured gateways (in code terms: more than one) and set the policy to Round-Robin. Hence, the number of gateways should not be limited to two.

If such a restriction exists (or existed at some point) it's likely manifesting in the GUI or the configuration code. If you can identify such a spot we can fix it. If not, then all is fine.


Cheers,
Franco