Actions
Bug #16203
open
Floating Firewall Rules for ICMP Inconsistently Choose Gateways and May Ignore Routing
Status:
New
Priority:
Normal
Assignee:
-
Category:
Routing
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Release Notes:
Default
Affected Plus Version:
24.11
Affected Architecture:
Description
When testing Floating rules for ICMP with the interface set to "Any", outbound traffic will choose whatever gateway was seemingly "used last" for ICMP traffic, regardless of the default gateway or Policy-based routing.
For example, if you have two WANs, WAN1 and WAN2, and WAN2 becomes the default gateway, you traceroute out that interface, and then flip the default gateway to WAN1, if the rule for ICMP is a Floating Rule set to Any for the interface, it will likely continue to leave WAN2.
Additionally, if you define a direction on the Floating rule and set Policy-based Routing to use WAN1, it will still use WAN2 regardless of the direction.
No data to display
Actions