Same monitor IP for multiple WAN, why not?

[akke]

Why is it forbidden to use the same monitor IP for multiple WAN links?

It's using dpinger internally with the -B (bind) parameter so it doesn't really need a static route. It just binds to the right interface and by doing so it should be pinging the monitor IP from the right WAN anyway.

So I do wonder why it's not allowed?

This is problematic for us because we are in a multi wan setup and when our ISP's link fail sometimes the ISP's gateway still replies to ping. The problem with the ISP is further down the route. So which monitor IP should we be using in that. case?

We wanted to ping a known stable icmp responder, like google's DNS 8.8.8.8 for all WAN links. But now we noticed that opnsense doesn't allow entering the same monitoring IP for multiple WANs.


I would like to know why it's not allowed even while it's using the -B parameter for dpinger already and/or what other options we have to monitor our 6 WANS.

[franco]

If you use an IP to monitor a link you need to bind that IP to a specific route in order to leave the correct interface, otherwise you are not actually monitoring it?

Sure, there are more elegant ways but implementing them is something nobody is willing to sponsor because it will be a lot of work.


Cheers,
Franco

[akke]

By using the -B parameter to dpinger we are already binding to the right source ip/interface.
This is already happening.

It doesn’t need a static route but it does add one.

It should be an easy change to allow to the reuse of the same monitoring ip.
(Just  remove the check in the gui and the static routes code that it’ll create)

[franco]

Feel free to try. Decision is still up to the routing table and we don't know the contents except when we ensure the host route.


Cheers,
Franco

[akke]

I have just tried running the dpinger command from the cli.
It works and sends the pings out on the correct wan.