Results 1 to 2 of 2
  1. #1
    Untangler
    Join Date
    Jul 2019
    Posts
    53

    Default WAN Failover loosing it's configured tests or something else?

    Hi everyone,
    I've been getting odd behavior from WAN Failover recently. My NGFW is in Mexico, so lots of opportunity for WANs to fail, and they do frequently. I have 4 WAN's- two fiber optic, one cellular modem and a satellite connection. I have WAN balancer configured as 50/50/0/0. That is, the first two fiber optic connections have 50/50 priority, and then if they both fail, then the cellular modem (eth3) and then satellite (eth4). From what I can tell, if you assign a zero priority to both eth3 and eth4, and if WAN Failover finds eth3 and eth4 both responding, it will only allow traffic through eth3 until eth3 fails, and then it will route traffic through eth4. Nothing I've seen in the wifi about that, but it seems to behave like that unless I'm mistaken. Here's my problem: we've been having some outages on fiber optic, and the WAN Failover correctly changes the traffic to the satellite connection (when fiber optic goes 95% of the time the celluar drops too as it is fed by the FO- although not of course at my house).
    The issues are:
    1) When the fiber optic WANs come back (eth0 and eth1), traffic still continues to flow through the satellite connection which is expensive. In looks at the network traffic in reports, I can't see any traffic using the eth4 interface, but my theory is that my VPN connections persist- either OpenVPN, Tunnel, and/or Wireguard as resetting these connections resolves the issue. Is there any way to get the tunnels to restart, or does WAN Balancer not stop the traffic when the higher priority WANs come back to life?
    2) This is the stickier issue. WAN Failover appears to be working correctly during all of these transitions, but when I noticed that traffic was continuing to flow through eth4 even when eth1 and 2 had returned, I went to WAN Failover
    "status" and it shows:
    Screen Shot 2021-08-23 at 3.27.23 PM.png
    As if WAN Failover has forgotten tests that had be previously configured. If I go to "Tests" and then click on edit, it shows:
    Screen Shot 2021-08-23 at 3.29.02 PM.png
    As you can see from the screenshot, I'm using my ISP's next hop router to ping as it seems the most reliable. Normally I have the test run every 5 seconds with a 2 second timeout, but as you can see WAN Failover seems to forget these variables. Has anyone else seen this issue?
    Thanks!
    Last edited by junglechuck; 08-23-2021 at 04:51 PM.

  2. #2
    Untangler
    Join Date
    Sep 2009
    Posts
    30

    Default

    I have seen that too on version 16, but in my case I renamed two of my three wans and it forgot the tests on the third wan, pinging the interface at full rate, rather odd behavior. I put it down to the names changing, not some other issue. having reset the tests, I have not experienced this behavior since. I will agree with you that there is a bug lurking, probably a result of under testing, it's a complicated beast and the number of validation tests must be staggering for untangle's test team.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2