OPNsense is ignoring my routing-table

Started by JustAUser@OPNsense, May 02, 2023, 01:44:30 PM

Dear All,

I'm new in this forum, hoping my question is posted in the correct folder/forum-page.

My problem:
I configured a multi-WAN-gateway-failover that doesn't work properly.
To achieve this, I defined a route that should use GW2 (192.168.1.189) instead of GW1 (192.168.1.1) when sending packets to 8.8.4.4.
But whatever I do, the packets are sent to GW1.

I have checked the routing table and tested with a traceroute to 8.8.4.4 from the console. The packets are still using GW1 (192.168.1.1).

Additionally, I tried to force the use of the gateways by inserting firewall rules with the gateway, which doesn't show any effect.

At the bottom is the console output, with the IPv6 stuff (which is disabled/not used) stripped away.
Please also see the attached screenshots of the top of my LAN and WAN rulesets.

Any ideas what I'm doing wrong?

Many thanks in advance...


root@OPNsense:~ # netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags     Netif Expire
default            192.168.1.1        UGS      vtnet2
8.8.4.4            192.168.1.189      UGHS     vtnet2
8.8.4.4/32         192.168.1.189      UGS      vtnet2
8.8.8.8            192.168.1.1        UGHS     vtnet2
8.8.8.8/32         192.168.1.1        UGS      vtnet2
10.47.0.0/24       link#2             U        vtnet1
10.47.0.254        link#2             UHS         lo0
10.47.8.0/24       link#1             U        vtnet0
10.47.8.1          link#1             UHS         lo0
127.0.0.1          link#5             UH          lo0
192.168.1.0/24     link#3             U        vtnet2
192.168.1.1        52:54:00:61:c1:13  UHS      vtnet2
192.168.1.254      link#3             UHS         lo0

root@OPNsense:~ # traceroute -n 8.8.4.4
traceroute to 8.8.4.4 (8.8.4.4), 64 hops max, 40 byte packets
1  192.168.1.1  0.781 ms  0.529 ms  0.588 ms
2  62.52.200.185  19.223 ms  18.983 ms  18.923 ms
3  62.53.1.38  23.187 ms  19.212 ms
    62.53.1.36  18.524 ms
4  62.53.0.26  35.723 ms
    62.53.0.28  21.884 ms  31.960 ms
5  62.53.7.49  35.124 ms
    62.53.5.111  31.746 ms
    62.53.0.20  25.152 ms
6  62.53.5.67  32.258 ms
    62.53.3.231  33.192 ms
    62.53.2.153  31.689 ms
7  62.53.25.59  27.349 ms
    62.53.13.83  31.855 ms
    62.53.25.59  28.221 ms
8  72.14.208.60  28.372 ms
    72.14.194.126  38.351 ms
    72.14.198.209  29.712 ms
9  * * *
10  209.85.240.83  27.684 ms
    108.170.228.32  36.083 ms
    8.8.4.4  35.178 ms




Hi Everyone,

I was able to solve my routing problem.

The routing works correctly from console now, because I implemented 2 rules targeting 8.8.4.4 using GW2 and 8.8.8.8 using GW1 in the FLOATING RULES section.

I hope this will turn over the routing on my multiwan gateways, when a gateway is down.

I have no idea why I needed to explicitly use those rules. There was nothing like this mentioned in the tutorials.


root@OPNsense:~ # traceroute -n 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 40 byte packets
1  192.168.1.1  0.750 ms  0.634 ms  0.626 ms
2  62.52.201.190  20.412 ms  20.022 ms  19.727 ms
3  62.53.22.210  19.571 ms  19.121 ms  20.420 ms
4  62.53.16.35  37.534 ms
...

root@OPNsense:~ # traceroute -n 8.8.4.4
traceroute to 8.8.4.4 (8.8.4.4), 64 hops max, 40 byte packets
1  192.168.1.189  4.015 ms  4.623 ms  3.923 ms
2  * * *
3  * * *
4  10.81.7.129  48.249 ms
    10.81.7.133  27.875 ms
    10.81.7.129  29.837 ms
...


It's still the same routing table:
root@OPNsense:~ # netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags     Netif Expire
default            192.168.1.1        UGS      vtnet2
8.8.4.4            192.168.1.189      UGHS     vtnet2
8.8.4.4/32         192.168.1.189      UGS      vtnet2
8.8.8.8            192.168.1.1        UGHS     vtnet2
8.8.8.8/32         192.168.1.1        UGS      vtnet2
10.47.0.0/24       link#2             U        vtnet1
10.47.0.254        link#2             UHS         lo0
10.47.8.0/24       link#1             U        vtnet0
10.47.8.1          link#1             UHS         lo0
127.0.0.1          link#5             UH          lo0
192.168.1.0/24     link#3             U        vtnet2
192.168.1.1        52:54:00:61:c1:13  UHS      vtnet2
192.168.1.254      link#3             UHS         lo0
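
The mismatch reported in this thread (the routing table points 8.8.4.4 at 192.168.1.189, yet hop 1 of the traceroute is 192.168.1.1) can be checked mechanically. The following is an added example, not part of the original posts: it does a longest-prefix lookup on `netstat -rn` output and compares the result with the first hop from `traceroute -n`. The function names are hypothetical and the sample inputs are abridged from the output quoted above.

```python
import ipaddress
import re

# Constructed samples, abridged from the console output quoted in the thread.
NETSTAT = """\
Destination        Gateway            Flags     Netif Expire
default            192.168.1.1        UGS      vtnet2
8.8.4.4/32         192.168.1.189      UGS      vtnet2
8.8.8.8/32         192.168.1.1        UGS      vtnet2
10.47.0.0/24       link#2             U        vtnet1
192.168.1.0/24     link#3             U        vtnet2
"""
TRACE_BEFORE = " 1  192.168.1.1  0.781 ms  0.529 ms  0.588 ms\n 2  62.52.200.185  19.223 ms\n"
TRACE_AFTER = " 1  192.168.1.189  4.015 ms  4.623 ms  3.923 ms\n 2  * * *\n"

def parse_routes(text):
    """Return (network, gateway) pairs from IPv4 `netstat -rn` lines."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            routes.append((ipaddress.ip_network(dest, strict=False), fields[1]))
        except ValueError:
            continue  # header line or unparsable entry
    return routes

def expected_hop(routes, target):
    """Longest-prefix match; a link# or MAC gateway means the target is on-link."""
    addr = ipaddress.ip_address(target)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        return None
    gw = max(matches, key=lambda r: r[0].prefixlen)[1]
    return target if gw.startswith("link#") or ":" in gw else gw

def first_hop(trace):
    """Address answering at hop 1 of `traceroute -n`, or None if it timed out."""
    m = re.search(r"^\s*1\s+(\d+\.\d+\.\d+\.\d+)\s", trace, re.MULTILINE)
    return m.group(1) if m else None

def route_bypassed(netstat, trace, target):
    """True when hop 1 differs from the gateway the routing table selects."""
    want, seen = expected_hop(parse_routes(netstat), target), first_hop(trace)
    return want is not None and seen is not None and want != seen

if __name__ == "__main__":
    print("before:", route_bypassed(NETSTAT, TRACE_BEFORE, "8.8.4.4"))
    print("after: ", route_bypassed(NETSTAT, TRACE_AFTER, "8.8.4.4"))
```

A `True` result means the next hop was chosen by something other than the kernel routing table, so the firewall rules that carry a gateway are the next place to look.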