Project

General

Profile

Actions

Feature #12807

closed

Clear Active Secondary WAN Connections

Added by Adam Di Vizio about 2 years ago. Updated almost 2 years ago.

Status:
Duplicate
Priority:
Normal
Assignee:
-
Category:
Multi-WAN
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Default

Description

Hello There,

There are many people who may have a secondary WAN connection that is utilized on a wireless pay as go service Turbo stick.
That means when the primary WAN connection goes down and the secondary WAN connection now becomes active, the data being used is billed accordingly for the secondary WAN connection. The issue comes when the primary WAN now becomes active and the secondary WAN then becomes as a standby state.
Most often than not, there are still active sessions on the secondary WAN which means customers like myself are still being billed for data being used on the line. This issue happens if you are using an application that uses persistence TCP and or UDP connections and the failover WAN connections occurred.

To ensure, that the data used on the line is actually needed and billed accurately, I have compiled and tested the bash script which checks to see if the primary WAN is online and then checks to see if there are active sessions on the secondary WAN. If it finds active sessions, it kills the sessions and outputs an entry to the log file. It also sends an E-Mail notification of the event to the admin.

It would be nice to see if this feature can be used in the GUI as well as viewing the event log here as well. The total number of active sessions on the secondary WAN should in my opinion be available in the GUI for the admin to see.

Kindly note, you will need to find a way to capture what the secondary WAN Interface IP address is as in my example, I entered the local IP address of the secondary WAN in my script in order for this proof of concept (POC) to work.


Files

PFSense_WAN2_Kill_Active_Sessions.txt (2.67 KB) PFSense_WAN2_Kill_Active_Sessions.txt Bash script Adam Di Vizio, 02/15/2022 10:52 PM
Backup2WAN Event Log.txt (27.4 KB) Backup2WAN Event Log.txt Sample Event Log Adam Di Vizio, 02/15/2022 10:52 PM

Related issues

Related to Feature #855: Ability to selectively kill states on gateway recoveryResolvedMarcos M08/27/2010

Actions
Related to Feature #11556: Kill states using the pre-NAT addressResolvedMarcos M02/26/2021

Actions
Related to Bug #12942: Code to kill states for old gateway when reconnecting an interface is incorrectResolvedMarcos M

Actions
Actions #1

Updated by Viktor Gurov about 2 years ago

looks like a duplicate of #11556

Actions #2

Updated by Viktor Gurov about 2 years ago

The "State Killing on Gateway Failure" option on the System / Advanced / Miscellaneous should be changed to the following drop-down menu:
- None (default)
- Flush all states
- Flush states associated with an interfaces address

Actions #3

Updated by Adam Di Vizio about 2 years ago

On version 2.5.2 release, the only check box option I have available is:

Flush all states when a gateway goes down The monitoring process will flush all states when a gateway goes down if this box is checked

What version offers the option you provided?

Actions #4

Updated by Viktor Gurov about 2 years ago

Adam Di Vizio wrote in #note-3:

On version 2.5.2 release, the only check box option I have available is:

Flush all states when a gateway goes down The monitoring process will flush all states when a gateway goes down if this box is checked

What version offers the option you provided?

This is for a future fix, "State Killing on Gateway Failure" option should be changed

Actions #5

Updated by Jim Pingle about 2 years ago

I thought there was already an open Redmine for this exactly but I can't find it at the moment.

This will likely tie into #12092 as well and is more likely to function as a rule-based function and not based on a specific interface or IP address. For example a combination of the option above mentioned drop-down which would activate the function to kill when a WAN recovers but it would use a special internal rule label to identify states to kill since we can't quickly or accurately kill states based on the gateway or interface IP address alone.

Actions #6

Updated by → luckman212 about 2 years ago

Jim Pingle here's an 11+ year old one that's at least mildly related: https://redmine.pfsense.org/issues/855

Actions #7

Updated by Viktor Gurov about 2 years ago

  • Related to Feature #855: Ability to selectively kill states on gateway recovery added
Actions #8

Updated by Viktor Gurov about 2 years ago

  • Related to Feature #11556: Kill states using the pre-NAT address added
Actions #9

Updated by Jim Pingle about 2 years ago

  • Status changed from New to Duplicate
Actions #10

Updated by Viktor Gurov almost 2 years ago

  • Related to Bug #12942: Code to kill states for old gateway when reconnecting an interface is incorrect added
Actions #11

Updated by Viktor Gurov almost 2 years ago

looks like duplicate of #12942

Actions

Also available in: Atom PDF