Based on what you described I'm pretty sure you missed the part that pfsense does not support ECMP and thus will only accept a single default kernel route. In other words it cant be done and to be honest a single pfsense receiving 2 default routes does not give you any redundancy except 2 interfaces. One of them needs to be the default box anyways and all you can do is policy routing. I would remove osfp between the front routers and pfsense and set it up as loadbalancing dual wan. That is the only solution that makes sense. The front routers need a interconnect so that they will handle a gw failure and ospf itself would clear the routes in case of a wan failure after ospf looses its neighbour. This will create failover and redundancy on your wan as well as the ability to policy route based on cost. And you can enable gw monitoring if you do it this way. You will offcourse need to static route the path to the monitoring ip on your front routers so that each front router will allways send it out on the correct wan.
Hth. Brgds, Espen 8. mars 2015 00:06 skrev "Espen Johansen" <[email protected]>: > Let ne see if i understand this correctly. You have 2 wans on your pfsense > box. You get a single kernel route from ospf? > Ospf needs to export its learned routes. And since you export default > route to pfsense the boxes in front actually does the route selection and > pfsense only has a single route to one of the two boxes in front? You need > a kernel with ECMP enabled ( options RADIX_MPATH). I beleive that your > routers are actually doing the path selection and that of your two wans > only one is used. > > This might be completely wrong, but based on what little information you > provided this sound like the issue. > > Brgds, Espen > 7. mars 2015 23:45 skrev "Espen Johansen" <[email protected]>: > >> I dont understand what you want to accomplish. And I dont think others do >> either. If you explain more maybe I can be of assistance :-) >> 7. mars 2015 21:25 skrev "Wade Blackwell" <[email protected]>: >> >>> Anyone? >>> Bueler? >>> >>> Wade Blackwell >>> Solutions Architect >>> (D) 805.457.8825 >>> (C) 805.400.8485 >>> (S) coc.wadeblackwell >>> >>> On 6 March 2015 at 10:44, Wade Blackwell <[email protected]> wrote: >>> >>>> Good morning all, >>>> I currently have a PF VM being used as my core L3 device for a >>>> small site. No static routes being used, just OSPF. I have two devices in >>>> front of the core sending "default information originate" with varying >>>> weights to prefer the faster connection, one for each carrier. I'd like to >>>> be able to add a gateway monitor, on the core, without a kernel route being >>>> installed as it relegates the OSPF routes useless. It appears that even if >>>> I uncheck "default" the kernel route still gets installed. Is this >>>> possible? Thanks. >>>> >>>> -W >>>> >>>> Wade Blackwell >>>> Solutions Architect >>>> (D) 805.457.8825 >>>> (C) 805.400.8485 >>>> (S) coc.wadeblackwell >>>> >>> >>> >>> _______________________________________________ >>> pfSense mailing list >>> https://lists.pfsense.org/mailman/listinfo/list >>> Support the project with Gold! https://pfsense.org/gold >>> >>
_______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
