[SOLVED] Multi WAN Problem

Started by sepei, August 19, 2017, 11:21:43 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
August 19, 2017, 11:21:43 AM Last Edit: August 20, 2017, 11:31:05 AM by franco
Hello,

I have some problems with an multi wan setup. I got 4 uplinks but on the firewall only the default gateway got access to the internet. If I route clients to different uplinks everything is working fine just the firewall self can't use the other gateways. I also tried to ping from the command line with all interfaces (ping -S) but still only the interface that is the default gateway got access to the internet.

I think the problem started with an upgrade to 17.7 before it worked fine. I use openvpn with the wan uplinks and now I can only use the interface with the default gateway the others can't connect to the serves
August 19, 2017, 11:33:12 AM #1
This fixed it:
EDIT: ASSUMING YOU ARE ON 17.7

# opnsense-patch 0b38eff5f
# /usr/local/etc/rc.filter_configure

But what is this and why its working now?
August 20, 2017, 11:30:51 AM #2
We've changed the internal rule generation. Some multi-wan setups rely on suboptimal settings so that patch puts back a safeguard rule that forces traffic out the correct interface instead of following the system setup.

We will add this back with 17.7.1, maybe with an optional off switch as we are still positive about the direction of the effort.


Cheers,
Franco
August 21, 2017, 04:02:03 PM #3 Last Edit: August 21, 2017, 04:11:06 PM by whitwye
Hi Franco,

Is the "suboptimal settings" thing documented somewhere, perhaps in the form of suggested optimal settings for a multi-wan setup?

Also, just tried the patch. It does not fix the problem I'm seeing: that WAN2 works fine, just until WAN1 has "Enable Interface" unchecked and applied. Of course, this isn't the same thing as WAN1 failing. But logically a working config for WAN2 shouldn't depend on WAN1 being enabled, shouldn't it? I'm open for any advice. I'd really like to get this working. I'm much impressed with the parts of OPNsense that work.

Thanks,
Whit
August 21, 2017, 06:09:00 PM #4
I posted this elsewhere already, but for the sake of persistency:

https://docs.opnsense.org/manual/how-tos/multiwan.html

Maybe the gateway monitoring is not set up correctly, so that disabling an interface doesn't switch? Ideally, let's not debug in a [SOLVED] thread as this is unlikely the same issue. :)


Thanks,
Franco
Print
Go Up Pages1
User actions