Bug #728
closed
default gateway cannot be unset
Added by tom hensel almost 15 years ago.
Updated almost 10 years ago.
Description
1) define a gateway group of at least two gateways
2) unset "Default Gateway" checkbox from the according gateway
3) apply settings, check routing (packets are flowing through the gateway)
4) remove gateway group, apply settings
5) check routing (packets are still flowing through the gateway without any defined)
this seems to be borked. rebooting makes no difference.
2.0-BETA3
built on Fri Jul 9 02:01:44 EDT 2010
FreeBSD 8.1-RC1
- Status changed from New to Resolved
The default gateway is not associated with gateway groups in that way.
- Status changed from Resolved to Rejected
Jim P wrote:
The default gateway is not associated with gateway groups in that way.
could you please elaborate?
i did search through the forum, finding nothing.
You always need a default gateway, you can't just uncheck it. You must use gateway groups via rules, and they must match first. If you want to use a gateway group for traffic leaving the firewall, use floating rules. If you want to use a gateway group for hosts on LAN, use it in a rule on LAN above all others.
Jim P wrote:
You always need a default gateway, you can't just uncheck it. You must use gateway groups via rules, and they must match first. If you want to use a gateway group for traffic leaving the firewall, use floating rules. If you want to use a gateway group for hosts on LAN, use it in a rule on LAN above all others.
i writing this comment while not having a default gateway set. thus, i've reported a bug.
Then show the output of:
- netstat -rn
And a copy of your configuration in the state where it doesn't work after a reboot.
IIRC, if you are using DHCP on WAN (as you are in the config in the other ticket), it may override the default gateway if one doesn't exist, if memory serves.
- Subject changed from default gateway and gateway groups confusion to default gateway cannot be unset
Changed the title of the ticket to reflect that this does not really have anything to do with gateway groups.
- netstat -rn
Destination Gateway Flags Refs Use Netif Expire
default 192.168.0.1 UGS 0 506438 vr1
8.8.8.8 213.191.76.37 UGHS 0 316 pppoe0
78.54.78.28 link#8 UHS 0 0 lo0
127.0.0.1 link#7 UH 0 19 lo0
127.0.0.2 127.0.0.1 UHS 0 0 lo0
192.168.0.0/24 link#2 U 0 4941 vr1
192.168.0.100 link#2 UHS 0 0 lo0
192.168.1.0/24 link#1 U 0 940658 vr0
192.168.1.250 link#1 UHS 0 0 lo0
204.69.234.1 213.191.76.37 UGHS 0 309 pppoe0
208.67.220.220 213.191.76.37 UGHS 0 309 pppoe0
208.67.220.222 192.168.0.1 UGHS 0 307 vr1
208.67.222.222 192.168.0.1 UGHS 0 5271 vr1
213.191.76.37 link#8 UH 0 4941 pppoe0
And a copy of your configuration in the state where it doesn't work after a reboot.
can't reboot atm, people are using the connection.
IIRC, if you are using DHCP on WAN (as you are in the config in the other ticket), it may override the default gateway if one doesn't exist, if memory serves.
yes, i'm using DHCP on one of the WAN interfaces (vr1). so the DHCP client is overwriting the default gateway? this makes sense, but it's confusing as long as you don't expect it.
tom hensel wrote:
yes, i'm using DHCP on one of the WAN interfaces (vr1). so the DHCP client is overwriting the default gateway? this makes sense, but it's confusing as long as you don't expect it.
Most people won't be unchecking their default gateway without defining another. :-)
I believe if you check default for your other WAN, it should take over as the default.
- Target version deleted (
2.1)
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by