On 2/9/2011 9:12 AM, Ermal Luçi said: > On Wed, Feb 9, 2011 at 11:50 AM, Mark Wiater <mark.wia...@greybeam.com> wrote:
> So... In the issue, Ermal indicates that it's taken care of in 2.0 in another > way. I think I missed what that other way is. Because if the interface that > holds my default route goes down, lots of traffic doesn't end up hitting the > internet unless it sources from an internal network and I've got a policy > route in pf. > > It will be taken care from pf(4) policy route. In pfSense there are > enhancement in the kernel to support that. When my WAN interface, the default route goes down, things like squid and dnsmasq stop working for me, and I have multiple DNS entries in the general setup using the different gateways. >> Is a dynamic default route change out of the question? What is the other way >> to affect the same behavior in 2.0? > Not that its out of the question but the ways things work right now > its not the best option and the pf(4) fix works quite ok. > On 2.0 you can run even without a default gateway from what i have tested. In my experience, there are things that don't work from the firewall itself and that can cause somewhat significant problems. How does dns forwarder traffic or squid traffic know where to go if the default route is not functioning? Is there a configuration in pf that I'm missing? It sounds like I'm missing some fundamental configuration concept to make it work as well and as reliably as you have. I thought I looked everywhere for the right way to configure multiwan but maybe I've missed it? Got any pointers? > Though for later releases this might be revisited but its low priority for > now. Thanks Ermal Mark --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
