Project

General

Profile

Bug #9054

Gateway Group slow (or never) to switch back to Tier 1

Added by Mitch Claborn 3 months ago. Updated 2 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
10/22/2018
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.4.4
Affected Architecture:

Description

See https://forum.netgate.com/topic/136852/2-4-4-gateway-group-slow-or-never-to-switch-back-to-tier-1. (No responses yet as of this posting.)

I have a gateway group with 2 gateways, one at Tier 1 and the other at Tier 2. I've been having lots of trouble with my Tier 1 link lately and pfSense will switch over to the Tier 2 link, but when the Tier 1 gateway comes back within limits (latency, packet loss) the routing does not switch back to the Tier 1 gateway. The Gateways widget on the home page shows the Tier 1 as "online" as does Status -> Gateways and Status -> Gateway Groups. The log file shows an alarm for latency and then cleared for latency.

I've set that gateway group as the default gateway and am also sending traffic to it with a LAN firewall rule.

History

#1 Updated by Mitch Claborn 3 months ago

If I set the Tier 1 gateway as "Mark Gateway as Down" then turn that setting back off, the routing will correct itself and switch back to the Tier 1 gateway.

#2 Updated by Mitch Claborn 3 months ago

To make things even more complicated, in the workaround mentioned above, the routing actually changes back to the Tier 1 gateway when I mark it as down, so that when the status is "forced offline" it is still routing through that gateway. When I undo the "mark as down" it continues to route through that gateway.

#3 Updated by Mitch Claborn 3 months ago

The Gateway Group was set as Trigger Level: Packet Loss or High Latency. I changed that to "Member Down" and now the routing seems to be switching back to the Tier 1 gateway as it should. I'm going to revert to "Packet Loss or High Latency" as a test to see if that triggers the problem.

#4 Updated by Mitch Claborn 3 months ago

With the Gateway Group set to "Packet Loss or High Latency" this problem definitely shows up much more often.

#5 Updated by Vasyl Semenchuk 3 months ago

The same problem on all my devices (20 devices) after upgrading

#6 Updated by Mitch Claborn 3 months ago

@VasylSemenchuk Are your gateway groups set to trigger level "Packet Loss or High Latency" or "Member Down"? Does it work better if set to "Member Down"?

#7 Updated by Vasyl Semenchuk 3 months ago

Set to trigger level "Packet Loss or High Latency"
I will set trigger level "Member Down" and let you know on monday or thursday

#8 Updated by Vasyl Semenchuk 3 months ago

Did you try restart service dpinger? In my case this helps switch back to WAN1

#9 Updated by Vasyl Semenchuk 3 months ago

Also i noticed in my case helps when restart openvpn client.
After restart OpenVPN, vpn and other traffic switch back to WAN1

#10 Updated by Vasyl Semenchuk 2 months ago

HI! After some tests noticed that problem appear only when my "Gateway Group" set as Default gateway
If set WAN1 or WAN2 as Default gateway, switching working fine

Also available in: Atom PDF