pfSense

I am not sure how load balancing works and it is not my goal to implement. May main goal is to use both of my cable modems, one dedicated to outbound internet connections (I), the other one for inbound VPN connections (V).

The problem I am having is, that setting the default gateway is not respecting the interface:

https://github.com/pfsense/pfsense/blob/c126fc7918d0fba6d7548f15e38c18fc55c65f90/src/etc/inc/system.inc#L733:

route_add_or_change("-inet default {$gatewayip}");

should be

route_add_or_change("-inet default {$gatewayip} -iface {$interfacegw}");

Otherwise the default gateway could be registered for the wrong connection V. This gives you a "working" setup, but the traffic is not separated, because all traffic run over connection V. But the bigger problem occurs, when the connection V is falsly set as default gateway and then restarts for whatever reason. This will remove the default gateway from the routing table and will not add a new one, because the default gateway is configured for the other connection I which did not restart.

I guess there are some other places, too, (for example when deleting routes) where the interface should be given to the route command.

With these changes and the new dpinger implementation, which respects the interfaces when creating special routes for external monitor ips, it should be possible to also have a fail-over multi-wan setup.