Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - HenrikHenkel

Pages: [1]

High availability / Re: 2 OPNsenses same WAN network Broadcast Flood

« on: June 14, 2024, 02:21:15 pm »

Hi. Sorry for the late response.

The firewall rule and alias look exactly like mine...

Might sound stupid, but did you synchronize the changes to your second firewall?

High availability / Re: 2 OPNsenses same WAN network Broadcast Flood

« on: June 10, 2024, 11:14:57 am »

I tried it last weekend and it seems like the problem is solved for me.

Kinda feel stupid now, because it should have been obvious from the start to exclude ALL subnets from this firewall rule, that don't belong on a WAN network...

High availability / Re: 2 OPNsenses same WAN network Broadcast Flood

« on: June 05, 2024, 09:05:18 am »

So 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, right?

Try to add 224.0.0.0/24, 239.255.0.0/16, 239.192.0.0/14 to the alias.

High availability / Re: 2 OPNsenses same WAN network Broadcast Flood

« on: June 04, 2024, 12:05:04 pm »

How did you configure multi WAN? Firewall rule with redirect gateway?

High availability / Re: 2 OPNsenses same WAN network Broadcast Flood

« on: June 03, 2024, 03:47:37 pm »

Yes, my second ISP is Vodafone.
The main WAN is Telekom, no problems there.

Actually it came to my mind, there is a firewall rule that could be the culprit... Because I'm using load-balancing, there's a firewall rule that splits traffic to both WAN interfaces.
I will be on-site on Saturday and will check whether this causes the problem. (Although, if it is... Then it should be on both WAN interfaces, right?)

Do you use load-balancing or just failover?

High availability / Re: 2 OPNsenses same WAN network Broadcast Flood

« on: June 03, 2024, 09:02:18 am »

@aeschma

Yes, I actually do have 2 WAN connections for failover. But those also have their own interfaces.

No firewall rules that should relay this traffic.
The other WAN does not have this problem.

High availability / Re: 2 OPNsenses same WAN network Broadcast Flood

« on: May 28, 2024, 02:31:05 pm »

There are no VLANs configured. All dumb switches.

Each network has its own interface in OPNSense.

High availability / Re: 2 OPNsenses same WAN network Broadcast Flood

« on: May 28, 2024, 02:20:34 pm »

Well... Thats unfortunate.

In my setup there is MDNS and SSDP traffic leaking from LAN to the WAN site.
No MDNS-repeater setup, no special NAT rules, not even VLANs.

I also tried blocking this traffic with firewall rules, but it seems to only affect about 80% of the packets. Some still get through to the WAN interface and cause a broadcast/multicast loop.

High availability / Re: 2 OPNsenses same WAN network Broadcast Flood

« on: May 28, 2024, 11:32:11 am »

I'm running into the same problem. Same setup as you, IP range from Vodafone on WAN. Using CARP to share 1 public IP between both routers.

Does setting them to "isolated network" mess with the CARP setup? Have you tested failover?

Pages: [1]