1
17.7 Legacy Series / Gateway monitoring reality check
« on: August 21, 2017, 08:23:47 pm »
Franco suggests perhaps my gateway monitoring isn't set up correctly. So let's run through that here.
At System > Gateways > All
So far so good. But indeed double-checking on the "DIsable Gateway Monitoring" boxes shows them checked. [Note on interface conventions: 99 times out of 100 checkboxes are used to enable things, not disable them.] Is this it? Uncheck both boxes and apply.
Then I disable the COGENT interface. And ...
But it does know the special route to the check IP:
And can ping that. But it can't ping 8.8.8.8, or 207.136.236.70. And when I try to connect to one of the public IPs on the GLOBAL interface from outside, I can't.
Now I do nothing but enable the COGENT interface.
And I can both ping IPs on the GLOBAL interface, and connect to services NATed behind them -- which were unavailable with the COGENT interface down.
So my bad on misreading the checkbox function. Yet, getting that right's not enough to make MultiWAN work. Is there documentation on what's supposed to be going on under the covers here, so I can check on where that might be going wrong?
Thanks again,
Whit
At System > Gateways > All
Quote
Name Interface Gateway Monitor IP Description
GW_WAN GLOBAL 207.239.<offuscated> 8.8.4.4 GlobalGW
GW_WAN_2 (default) COGENT 38.105.<obfuscated> 8.8.8.8 CogentGW
So far so good. But indeed double-checking on the "DIsable Gateway Monitoring" boxes shows them checked. [Note on interface conventions: 99 times out of 100 checkboxes are used to enable things, not disable them.] Is this it? Uncheck both boxes and apply.
Then I disable the COGENT interface. And ...
Quote
root@OPNsense:/tmp # route get 207.136.236.70
route: route has not been found
But it does know the special route to the check IP:
Quote
root@OPNsense:/tmp # route get 8.8.4.4
route to: google-public-dns-b.google.com
destination: google-public-dns-b.google.com
gateway: 207.239.<obfuscated>
fib: 0
interface: igb2
flags: <UP,GATEWAY,HOST,DONE,STATIC>
recvpipe sendpipe ssthresh rtt,msec mtu weight expire
0 0 0 0 1500 1 0
And can ping that. But it can't ping 8.8.8.8, or 207.136.236.70. And when I try to connect to one of the public IPs on the GLOBAL interface from outside, I can't.
Now I do nothing but enable the COGENT interface.
Quote
root@OPNsense:/tmp # route get 207.136.236.70
route to: vt.electrainfo.com
destination: default
mask: default
gateway: g<obfuscated>1.atlas.cogentco.com
fib: 0
interface: igb1
flags: <UP,GATEWAY,DONE,STATIC>
recvpipe sendpipe ssthresh rtt,msec mtu weight expire
0 0 0 0 1500 1 0
And I can both ping IPs on the GLOBAL interface, and connect to services NATed behind them -- which were unavailable with the COGENT interface down.
So my bad on misreading the checkbox function. Yet, getting that right's not enough to make MultiWAN work. Is there documentation on what's supposed to be going on under the covers here, so I can check on where that might be going wrong?
Thanks again,
Whit