Multi-WAN + IPv6 + Track Interface

Started by goldrunner, May 09, 2023, 09:21:12 AM

2 WAN interfaces are bound to a gateway group. The LAN interfaces can only track ONE WAN interface, so I would expect to see an option to track the gateway group - but there is none. Is there a Howto on this?

I would love this same functionality myself, but at present I don't believe it's possible.

You can do something here by setting up a NAT6 based solution, but that's a deep rabbit hole and quite honestly kinda nasty. Also, I believe it breaks one of the common rules of IPv6 - because you'd use a "LAN local" IPv6 address like fec0::/10 or fd00::/8 (see https://en.wikipedia.org/wiki/Unique_local_address) - you'll find that most devices will NOT prefer this IPv6 connectivity if you also make IPv4 connectivity available, rendering the effort kinda pointless, unless you want to force it on every single device yourself (can you guess what I wasted a lot of time trying to get working?)
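The address preference described in the post above follows from the default policy table in RFC 6724. The sketch below is an added example, not part of the thread or of OPNsense: it implements only destination-selection rules 5 (matching label) and 6 (precedence), assumes the earlier rules tie, and uses constructed sample addresses.

```python
import ipaddress

# RFC 6724 section 2.1 default policy table: (prefix, precedence, label).
POLICY = [(ipaddress.ip_network(p), prec, label) for p, prec, label in [
    ("::1/128", 50, 0), ("::/0", 40, 1), ("::ffff:0:0/96", 35, 4),
    ("2002::/16", 30, 2), ("2001::/32", 5, 5), ("fc00::/7", 3, 13),
    ("::/96", 1, 3), ("fec0::/10", 1, 11), ("3ffe::/16", 1, 12),
]]

def classify(addr):
    """Return (precedence, label) by longest-prefix match.
    IPv4 addresses are looked up in their IPv4-mapped form ::ffff:a.b.c.d."""
    a = ipaddress.ip_address(addr)
    if a.version == 4:
        a = ipaddress.IPv6Address("::ffff:" + str(a))
    _, prec, label = max((e for e in POLICY if a in e[0]),
                         key=lambda e: e[0].prefixlen)
    return prec, label

def preferred_destination(pairs):
    """pairs: (destination, source address the host would use for it).
    Rule 5: prefer a destination whose label matches its source's label.
    Rule 6: then prefer the higher destination precedence."""
    def rank(pair):
        dst, src = pair
        dst_prec, dst_label = classify(dst)
        _, src_label = classify(src)
        return (dst_label == src_label, dst_prec)
    return max(pairs, key=rank)[0]

# Constructed sample addresses (documentation and example ranges).
ULA_SRC = "fd12:3456:789a:1::10"   # LAN host address behind NAT6
GUA_SRC = "2001:db8:aa:1::10"      # LAN host address from a delegated prefix
V4_SRC = "192.168.1.10"
V6_DST = "2001:db8:5::80"          # dual-stack server, AAAA record
V4_DST = "198.51.100.80"           # same server, A record

if __name__ == "__main__":
    # ULA source: labels 13 vs 1 do not match, so IPv4 wins on rule 5.
    print(preferred_destination([(V6_DST, ULA_SRC), (V4_DST, V4_SRC)]))
    # Global source: both labels match, so IPv6 wins on precedence (40 > 35).
    print(preferred_destination([(V6_DST, GUA_SRC), (V4_DST, V4_SRC)]))
```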

So if you have some LANs for your PC stuff and one for your telephony equipment, then you'll be forced to switch things manually? I thought that OPNsense is a professional FW and this problem is not so uncommon.

Each "LAN" can have its own "delegated interface". I have 3 "LANs" - two are delegated from one upstream connection, the third is delegated from the other. You can't set it up to "swap".

Think of it like this: I have LAN1, LAN2 and LAN3. I also have WAN1 and WAN2. I have IPv6 on all of them. LAN1 and LAN2 are delegated from WAN1, and LAN3 is delegated from WAN2. This works (it didn't always work, but it does now!).

What you seemed to ask (and what I would like to do too) is that LAN1 and LAN2 prefer WAN1, but if WAN1 becomes unavailable for reasons, they would instead switch over to WAN2 for IPv6. This would require a "floating" delegated interface, so they would usually get an IPv6 from the WAN1 delegated interface, but when WAN1 failure occurs, they would receive an IPv6 from WAN2, something that is currently impossible.

Instead you can do what I discussed - create a "local" IPv6 and use NAT6 to map that onto either WAN1 or WAN2.


Quote: What you seemed to ask (and what I would like to do too) is that LAN1 and LAN2 prefer WAN1, but if WAN1 becomes unavailable for reasons, they would instead switch over to WAN2 for IPv6. This would require a "floating" delegated interface, so they would usually get an IPv6 from the WAN1 delegated interface, but when WAN1 failure occurs, they would receive an IPv6 from WAN2, something that is currently impossible.
I agree. Instead of a floating solution I expect to see the WAN group as a "meta" interface, like a team or bond in Linux.

Is there a chance that such a feature appears soon?

Quote: Instead you can do what I discussed - create a "local" IPv6 and use NAT6 to map that onto either WAN1 or WAN2.
In case of an emergency logging in to manually switch the gateway to be able to use the phone - sorry...!