Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
questions about multiple WAN setup
« previous
next »
Print
Pages: [
1
]
Author
Topic: questions about multiple WAN setup (Read 1773 times)
defaultuserfoo
Full Member
Posts: 191
Karma: 7
questions about multiple WAN setup
«
on:
May 22, 2022, 12:45:00 pm »
Hi,
the documentation[1] seems to say that when I want to use both load-balancing and failover, I can't do that when I have only two WAN connections and that I can only do either load-balancing or failover:
"To combine Load Balancing with Failover you will have 2 or more WAN connections for Balancing purposes and 1 or more for Failover."
What happens when one or some of the WAN connections used for load-balancing is/are down?
I would assume that the load-balancing would automatically send traffic only through the connections that are not down, but the documentation seems to contradict that.
When using either load-balancing or failover, is it possible to route some traffic over a particular connection as long as the connection is up and have it go through a fail-over connection when that connection is down? For example:
I have two WAN connections, WAN_1 and WAN_2, and want to set up load-balancing with failover (hoping that is possible with only two WAN connections). I also want to have traffic from VLAN 100 go over WAN_1 and traffic from VLAN 200 go over WAN_2 when boths connections are up. When either WAN connection is down, I want the traffic from both VLANs go over the connection that is still up.
Is this possible, and how would I go about this?
[1]:
https://docs.opnsense.org/manual/how-tos/multiwan.html
Logged
koushun
Jr. Member
Posts: 95
Karma: 9
Digital pimp hard at work.
Re: questions about multiple WAN setup
«
Reply #1 on:
May 23, 2022, 08:41:23 am »
To get VLAN100 go over WAN_1, I would just add a pass rule on that interface which uses gateway WAN_1, on VLAN200 - make a pass rule which uses gateway WAN_2 (on the very bottom of the rule creation page).
And perhaps, when / if WAN_1 is down for VLAN100. .. You would have to disable this newly created rule, and then enable an identical rule which uses the WAN_2 gateway instead. So a manual process, I guess.
??
Logged
Running OPNsense through Proxmox
4 x Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz (1 Socket)
24 GB RAM
defaultuserfoo
Full Member
Posts: 191
Karma: 7
Re: questions about multiple WAN setup
«
Reply #2 on:
May 25, 2022, 02:30:35 am »
Thank you, that is a good pointer!
Is it possible to use gateway groups in firewall rules instead of gateways?
Is it possible to put the same WAN connection into multiple gateway groups? I. e. when I have two WAN connections, can I make gateway groups A and B and put both WAN connections into both gateway groups?
(It's a trick to get around the problem that I would have to manually alter firewalls rules in case a gateway is down. The first gateway group would use WAN connection 1 as default and WAN connection 2 as failover; the second gateway group would use WAN connection 2 as default and WAN connection 1 as failover. Then I could make firewall rules which by default use the WAN connection I want them to use and automatically switch over to the other WAN connection in case the default WAN connection is down.)
In case we can't do that, what's the alternative way?
«
Last Edit: May 25, 2022, 02:32:22 am by defaultuserfoo
»
Logged
koushun
Jr. Member
Posts: 95
Karma: 9
Digital pimp hard at work.
Re: questions about multiple WAN setup
«
Reply #3 on:
May 27, 2022, 10:52:02 pm »
I have no idea. I only have one WAN connection
I think you are the best one to answer this =D
Logged
Running OPNsense through Proxmox
4 x Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz (1 Socket)
24 GB RAM
lilsense
Hero Member
Posts: 600
Karma: 19
Re: questions about multiple WAN setup
«
Reply #4 on:
May 27, 2022, 11:20:47 pm »
Load-balancing means that the packets would be round robin between two WAN connections. This may not work with certain application. However, you can set up a persistent sticky which will stick one stream to one of the WAN circuits. this load balancing and failover is the same since the traffic will send all the traffic thru one WAN when the other is down.
If you have more than two then you can make a decision how this works.
Logged
defaultuserfoo
Full Member
Posts: 191
Karma: 7
Re: questions about multiple WAN setup
«
Reply #5 on:
May 29, 2022, 10:57:32 am »
Well, I can answer it now: It is possible to make multiple gateway groups with the same WAN interfaces.
But using those is questionable because apparently, the only way you can use gateway groups is by adjusting firewall rules such that they direct outgoing traffic through a gateway group instead of the default gateway. Apparently that circumvents the routing table, and that isn't what I want, though can it be useful sometimes.
Is it supposed to be like this? Can't I make a gateway group the default gateway? Not being able to make gateway groups default gateway candidates basically defeats any multi-WAN setup.
There is an option that seems to make it so that connections are switched over to another gateway when the default gateway is down and another option that disables firewall rules when a gateway is down ... The first option is useful but I haven't tried yet what happens when I disconnect the default gateway to simulate an outage ...
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
questions about multiple WAN setup