Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
19.7 Legacy Series
»
Static routing issues
« previous
next »
Print
Pages: [
1
]
Author
Topic: Static routing issues (Read 3776 times)
Math43
Newbie
Posts: 10
Karma: 0
Static routing issues
«
on:
August 07, 2019, 08:54:06 am »
Hello,
I've got a strange static routing behavior with 19.7.2 firmware.
Here is my routing table:
root@OPNsense:~ # netstat -r4
Routing tables
Internet:
Destination Gateway Flags Netif Expire
default A.B.C.D UGS vmx3
100.64.0.0/24 172.18.4.21 UGS vmx1
172.21.0.0/16 172.18.4.20 UGS vmx1
I'm able to contact 100.64.0.0/24 but not able to contact 172.21.0.0/16, there is the traceroute:
root@OPNsense:~ # traceroute 172.21.169.103
traceroute to 172.21.169.103 (172.21.169.103), 64 hops max, 40 byte packets
1 172.18.4.21 (172.18.4.21) 0.523 ms 0.262 ms 0.200 ms
Wrong next hop is choosen. If I change Gateway priority of the two gateway (172.18.4.21 / 172.18.4.20), the behavior is reversed (172.21.0.0/16 is reachable but not 100.64.0.0/24)
On 17.1 problem is not present.
Regards,
Math
«
Last Edit: August 07, 2019, 11:33:40 am by Math43
»
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: Static routing issues
«
Reply #1 on:
August 07, 2019, 11:18:29 am »
Interfaces : XXX : Upstream -> set to auto-detect and check if you have correct gateways
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
Math43
Newbie
Posts: 10
Karma: 0
Re: Static routing issues
«
Reply #2 on:
August 07, 2019, 11:33:01 am »
Hello,
Auto-detect is already set.
Regards,
Mathieu
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: Static routing issues
«
Reply #3 on:
August 07, 2019, 02:57:40 pm »
On all interfaces?
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
Math43
Newbie
Posts: 10
Karma: 0
Re: Static routing issues
«
Reply #4 on:
August 07, 2019, 05:03:06 pm »
No, not on WAN interface, but if I change to autodetect, it's even worse
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: Static routing issues
«
Reply #5 on:
August 07, 2019, 07:31:51 pm »
Stay cool
Create a gateway for WAN, Mark it as upstream, then check that outbound Nat is Hybrid or Manual, then set WAN to auto-detect. After this check outbound Nat if there are correct entries and Post a Screenshot of routing table. It should be good
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
Math43
Newbie
Posts: 10
Karma: 0
Re: Static routing issues
«
Reply #6 on:
August 08, 2019, 10:21:26 am »
Hello,
I already have a WAN gatewau mark as upstream.
Outbound NAT is Manual
Outbound NA entry are corrects
Behaviour is still the same: Routing table is correct but wrong routing decision is taken when making a traceroute.
root@OPNsense:~ # netstat -r4
Routing tables
Internet:
Destination Gateway Flags Netif Expire
default A.B.C.D UGS vmx3
A.B.C.D/24 link#4 U vmx3
OPNsense link#4 UHS lo0
10.2.0.0/24 link#16 U vmx8_vla
OPNsense link#16 UHS lo0
100.64.0.0/24 172.18.4.21 UGS vmx1
100.64.2.0/23 172.18.4.21 UGS vmx1
100.64.4.0/23 172.18.4.21 UGS vmx1
100.64.6.0/23 172.18.4.21 UGS vmx1
100.65.0.32/29 link#7 U vmx6
OPNsense link#7 UHS lo0
localhost link#11 UH lo0
172.18.4.16/28 link#2 U vmx1
OPNsense link#2 UHS lo0
172.20.0.0/16 link#1 U vmx0
OPNsense link#1 UHS lo0
172.21.0.0/16 172.18.4.20 UGS vmx1
192.168.4.0/24 link#15 U vmx8_vla
OPNsense link#15 UHS lo0
192.168.10.0/24 192.168.4.250 UGS vmx8_vla
192.168.12.0/24 192.168.4.250 UGS vmx8_vla
192.168.14.0/24 192.168.4.250 UGS vmx8_vla
192.168.15.0/24 192.168.4.250 UGS vmx8_vla
192.168.18.0/24 192.168.4.250 UGS vmx8_vla
192.168.24.0/24 192.168.4.250 UGS vmx8_vla
192.168.30.0/24 192.168.4.250 UGS vmx8_vla
192.168.31.0/24 192.168.4.250 UGS vmx8_vla
192.168.32.0/24 192.168.4.250 UGS vmx8_vla
192.168.33.0/24 192.168.4.250 UGS vmx8_vla
192.168.42.0/24 192.168.4.250 UGS vmx8_vla
192.168.43.0/24 192.168.4.250 UGS vmx8_vla
192.168.44.0/24 192.168.4.250 UGS vmx8_vla
root@OPNsense:~ # traceroute 172.21.10.1
traceroute to 172.21.10.1 (172.21.10.1), 64 hops max, 40 byte packets
1 172.18.4.21 (172.18.4.21) 0.319 ms 0.234 ms 0.202 ms
2 *^C
Logged
Math43
Newbie
Posts: 10
Karma: 0
Re: Static routing issues
«
Reply #7 on:
August 08, 2019, 02:52:05 pm »
With help of opnsense github support, i manage to resolve my issue:
After a tcpdump, i find my packet matching this rule:
@73 pass out log on vmx1 route-to (vmx1 172.18.4.21) inet from 172.18.4.25 to ! (vmx1:network:1) flags S/SA keep state allow-opts label "2ff18b6378c052f6d36a245571286063"
I find the rule in WEBUI and find the guilty config, i need to
un
check " Disable automatic rules which force local services to use the assigned interface gateway. " under Firewalls > Settings > Advanced.
Sorry for the inconvenience and thanks you very much for you help mimugmail.
Regards,
Math
«
Last Edit: August 09, 2019, 04:59:15 pm by Math43
»
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: Static routing issues
«
Reply #8 on:
August 08, 2019, 04:53:55 pm »
You mean you unchecked "Disable force gateway" or you checked it? Just courious ... I always check it, never had problems
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
Math43
Newbie
Posts: 10
Karma: 0
Re: Static routing issues
«
Reply #9 on:
August 09, 2019, 04:59:37 pm »
I have to check, yes correct. I've edited my post.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
19.7 Legacy Series
»
Static routing issues
