Gateway Status IPv4 is Offline but its up

[newsense]

Code: [Select]

[quote author=Koldnitz link=topic=35215.msg173156#msg173156 date=1693086917]
<165>1 2023-08-26T13:10:52-05:00 opnsense.my_website.org dpinger 52422 - [meta sequenceId="1"] MONITOR: WANXFINITY_DHCP (Addr: 8.8.8.8 Alarm: down -> none RTT: 14.1 ms RTTd: 2.0 ms Loss: 0.0 %)                                                                                                                    │
│<165>1 2023-08-26T13:10:52-05:00 opnsense.my_website.org dpinger 52422 - [meta sequenceId="2"] MONITOR: WANxfinity_GWv6 (Addr: 2001:address::8888 Alarm: down -> none RTT: 13.6 ms RTTd: 1.8 ms Loss: 0.0 %)                                                                                                       │
│<165>1 2023-08-26T13:10:52-05:00 opnsense.my_website.org dpinger 52422 - [meta sequenceId="3"] ALERT: AIRVPNONE_VPNV4 (Addr: 10.address.1 Alarm: down -> none RTT: 44.3 ms RTTd: 2.8 ms Loss: 0.0 %)                                                                                                                   │
│<165>1 2023-08-26T13:11:41-05:00 opnsense.my_website.org dpinger 52422 - [meta sequenceId="4"] ALERT: AIRVPNTWO_VPNV4 (Addr: 10.address.1 Alarm: down -> loss RTT: 16.8 ms RTTd: 2.0 ms Loss: 20.0 %)                                                                                                                 │
│<12>1 2023-08-26T13:11:50-05:00 opnsense.my_website.org dpinger 74707 - [meta sequenceId="5"] AIRVPNTWO_VPNV4 10.address.1: Clear latency 16753us stddev 2006us loss 6%                                                                                                                                               │
│<165>1 2023-08-26T13:11:52-05:00 opnsense.my_website.org dpinger 52422 - [meta sequenceId="6"] ALERT: AIRVPNTWO_VPNV4 (Addr: 10.address.1 Alarm: loss -> none RTT: 16.7 ms RTTd: 2.0 ms Loss: 3.0 %)                                                                                                                  │
│<165>1 2023-08-26T13:17:50-05:00 opnsense.my_website.org dpinger 54441 - [meta sequenceId="1"] MONITOR: WANXFINITY_DHCP (Addr: 8.8.8.8 Alarm: down -> none RTT: 13.1 ms RTTd: 1.0 ms Loss: 0.0 %)                                                                                                                    │
│<165>1 2023-08-26T13:17:50-05:00 opnsense.my_website.org dpinger 54441 - [meta sequenceId="2"] MONITOR: WANxfinity_GWv6 (Addr: 2001:address::8888 Alarm: down -> none RTT: 13.2 ms RTTd: 1.1 ms Loss: 0.0 %)                                                                                                       │
│<165>1 2023-08-26T13:17:50-05:00 opnsense.my_website.org dpinger 54441 - [meta sequenceId="3"] ALERT: AIRVPNONE_VPNV4 (Addr: 10.address.1 Alarm: down -> none RTT: 42.9 ms RTTd: 1.4 ms Loss: 0.0 %)                                                                                                                   │
│<165>1 2023-08-26T13:17:50-05:00 opnsense.my_website.org dpinger 54441 - [meta sequenceId="4"] ALERT: AIRVPNTWO_VPNV4 (Addr: 10.address.1 Alarm: down -> none RTT: 17.8 ms RTTd: 3.3 ms Loss: 0.0 %)[/quote]

Curios what Franco will say here, my read of the log entries is that the WAN goes down - because of the Monitor entries

<165>1 2023-08-26T13:10:52-05:00 opnsense.my_website.org dpinger 52422 - [meta sequenceId="1"] MONITOR: WANXFINITY_DHCP (Addr: 8.8.8.8 Alarm: down -> none RTT: 14.1 ms RTTd: 2.0 ms Loss: 0.0 %)                                                                                                                    │
│<165>1 2023-08-26T13:10:52-05:00 opnsense.my_website.org dpinger 52422 - [meta sequenceId="2"] MONITOR: WANxfinity_GWv6 (Addr: 2001:address::8888 Alarm: down -> none RTT: 13.6 ms RTTd: 1.8 ms Loss: 0.0 %)                                                                                                       

You could add a rule for 1.1.1.1 icmp echo - gateway wan - keep a ping running and see if there are any lost pings. Use PingInfoView from https://www.nirsoft.net and you'll be able to cross-check the ping failures with the FW logs

[Koldnitz]

I think that may have been when I manually resaved the single gateway / applied changes.

System>Gateways>Single>pick a gateway (I generally do it on the down VPN but it doesn't seem to matter) and edit>make no changes>save>apply changes.

The WAN never goes down and 8.8.8.8 is google's main DNS which I am using to get a latency reading.

This is the only way for me to get the openvpn client gateways to show "up" on the widget / single gateway page after they stop / start. 

[newsense]

Still...keeping a ping on WAN wouldn't be a bad idea, if only to confirm current assumptions.

I'd go as far as to having 3 pings, 1.1.1.1 on WAN, 8.8.8.8 on VPN1 and 9.9.9.9 on VPN2

[Koldnitz]

As of right now both VPNs automatically ping their respective gateways.

The WAN was pinging 8.8.8.8 or its equivalent in ipv6.

I just changed them to ping the xfinity gateways for the xfinity network (ipv4 and ipv6).

Either way all three "Gateways" (WAN and both VPNs) have an address they are pinging for latency (this is the only way I noticed the issues with DPinger / openvpn with 23.7).

In your opinion is their a benefit to pinging outside of their respective gateways?

From what I can tell there is not much difference as long as the IP I ping is geographically near the respective gateway