Group Gateway not working

Started by Amr, May 16, 2020, 11:01:19 AM

May 16, 2020, 11:01:19 AM Last Edit: May 16, 2020, 02:11:21 PM by Amr
Hey guys,

I'm having a problem with gateway group failover (as shown in the picture). I have 2 routers on the same subnet, with one of them being the DHCP server (let's say 192.168.1.1 & 192.168.1.2). OPNsense is connected to the main router and its WAN IP is 192.168.1.3, and I'm using outbound and forcing clients to use it through port forward. I've followed the MULTI WAN guide https://docs.opnsense.org/manual/how-tos/multiwan.html?highlight=multi%20wan but when I tested the setup by restarting the secondary router, both links went down! Am I missing something? Help appreciated.

Another question, if I may: does load balancing my 2 routers work as a failover as well (in case one of them goes down, will the second work alone or appear to be down also)?
Disclaimer: All advice presented is "AS IS", no warranties.
I'm not part of the opnsense team, just trying to help.

Not sure from your diagram and description how you managed to follow the instructions for configuring a Multi-Wan setup as you appear to only have one WAN into OPNsense. That said, if you do manage to configure a Multi-Wan setup in a load balance configuration, it will monitor the gateways and mark as down any that fail so that all traffic can then go via any remaining gateway(s).

May 17, 2020, 01:15:40 PM #2 Last Edit: May 17, 2020, 03:16:04 PM by Amr
Quote: you appear to only have one WAN into OPNsense
Yes, I have only one WAN interface on OPNsense (WAN Configuration Type is DHCP, double NAT). Like I said, I have 2 routers on the same subnet and I'm using these as WAN gateways. When I manually specify one of them as the default WAN gateway, things work as expected, but when the secondary gateway goes down the primary is shown as down too, which is weird given that I have two unique remote monitor IPs (Google DNS) for each gateway.

Update: I've done some troubleshooting and found that the ICMP requests made are going through the same gateway, so when the secondary gateway (which I'm using as default) goes down, no ICMP requests hit the Google DNS servers, and hence the other gateway is shown as down too when it is online. Guess they didn't design multi-WAN for this case :c. Might give policy-based routing a try, or maybe even a cron job.