Multi-wan FailOver (FO) issue

proxykid · August 28, 2019, 11:02:36 PM

Hi,

I've gone through possibly all the documentation regarding multi-wan, including:
https://docs.opnsense.org/manual/multiwan.html
https://docs.opnsense.org/manual/how-tos/multiwan.html
...Google....Forums... but I don't know if I missed something but my multi-wan setup is not working.

/** UPDATE:
I have verified the main reason why this is happening is due to 8.8.8.8 & 8.8.4.4 going from OPNSENSE box to GW1, from the network 8.8.4.4 it goes correctly through GW2 but from opensense box it does now, how can I force it?

Firewall rule for LAN has src * and destination 8.8.4.4 set to GW2, so shouldn't that rule apply to itself too?
**/

GW1 - ISP1:
IP: 192.168.1.254
IFACE: igb2
DNS 8.8.8.8
Description: Default 100/100 mbps wan, public ip is dynamic

GW2 - ISP2:
IP: 192.168.1.1
IFACE: igb2
DNS 8.8.4.4
Description: FailOver 10/10 mbps wan, public ip is static

LAN:
IP: 192.168.2.1
IFACE: igb0

Routing policy for some IPs going to WAN2 specifically, but everything else via WAN1. Works ok.

What I'm attempting is to route everything via GW2 whenever GW1 goes down, as a fail over. If I unplug GW1, GW2 should still be accesible through the same interface as it's on the same internal network as GW1, but they both go down.

System: Gateways: Group:
FailOver group, GW1 is tier 1, GW2 is tier2. Trigger Level: packet loss.

Everything else is just according to the manual, like the DNS policy routing, LAN policy routing gateway via gateway group.

I did notice though that tracerouting 8.8.4.4 via lan goes through the expected GW2, but if I do it from opnsense box via diagnostics traceroute it still goes via GW1, regardless if the GW is up or down. Also when the cable is unplugged for GW1, both GWs go down simultatenously.

Any help?

Thanks.

adrianschneider · August 29, 2019, 12:59:02 AM

For the traceroute point:
Could be related to a problem I had.
https://forum.opnsense.org/index.php?topic=13832.0

tong2x · August 29, 2019, 05:49:52 AM

@proxykid
are you using 19.7.3?

proxykid · August 29, 2019, 05:39:49 PM

Quote from: tong2x on August 29, 2019, 05:49:52 AM
@proxykid
are you using 19.7.3?

OPNsense 19.7.2-amd64
FreeBSD 11.2-RELEASE-p12-HBSD
OpenSSL 1.0.2s 28 May 2019

Quote from: adrianschneider on August 29, 2019, 12:59:02 AM
For the traceroute point:
Could be related to a problem I had.
https://forum.opnsense.org/index.php?topic=13832.0

Apparently it could be it indeed, I guess if that is the issue I would need a work around on the meanwhile....

adrianschneider · August 29, 2019, 10:13:31 PM

Just patch it:

opnsense-patch 7bfadb2

as root.

proxykid · September 04, 2019, 05:48:30 PM

got it thanks!!

Multi-wan FailOver (FO) issue

proxykid

August 28, 2019, 11:02:36 PM Last Edit: August 29, 2019, 12:21:33 AM by proxykid

adrianschneider

August 29, 2019, 12:59:02 AM #1

tong2x

August 29, 2019, 05:49:52 AM #2

proxykid

August 29, 2019, 05:39:49 PM #3

adrianschneider

August 29, 2019, 10:13:31 PM #4

proxykid

September 04, 2019, 05:48:30 PM #5