Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Failover WAN being used with Primary is still up

    Scheduled Pinned Locked Moved Routing and Multi WAN
    9 Posts 3 Posters 486 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      skenigma
      last edited by skenigma

      I have two WAN Connections,

      WAN1 - Highspeed - Unlimited
      WAN2 - Backup - Metered

      I have a gateway group with WAN1 as Tier 1 and WAN 2 as Tier 2 with failover mode in "Member Down" setting

      Default gateway is set to the gateway group

      There are no policy routes that are set to use a specific gateway

      However I am seeing a bunch of traffic on WAN2 even when WAN 1 is up.

      Expected behaviour would be no traffic across WAN2 unless WAN1 goes down.

      WAN2 is a metered connection, and I don't want to be charged for usage when it should not be used.

      What am I doing wrong?

      M 1 Reply Last reply Reply Quote 0
      • M
        marcg @skenigma
        last edited by

        @skenigma Do you have "Kill all states for lower priority-gateways" configured in Gateway Monitoring?

        Also, this recent thread may be useful.

        S 1 Reply Last reply Reply Quote 0
        • S
          skenigma @marcg
          last edited by

          @marcg
          I do have "Kill all states for lower priority-gateways"
          fab1c9a0-5969-4b43-a9c0-6a862cfc4dbe-image.png

          The problem is not the failing back to the primary, it is while the primary is still up.

          As soon as I connect the secondary it starts passing traffic in a load balancing mode instead of sitting idle waiting for the primary to fail (expected).
          a99e18e6-0d06-4096-a7b2-c1f6b38d623b-image.png

          4be51f3a-af04-4463-be85-a7b3ef344cc8-image.png

          Hope these help

          S 1 Reply Last reply Reply Quote 0
          • S
            skenigma @skenigma
            last edited by

            I just reconnect the backup wan, and the state table exploded,
            f9e1e9dd-81dd-4f8b-9f4d-9856ca0e94cd-image.png

            I see the route table still shows the secondary as a default route.

            67975995-4672-4fcb-a11c-985f749ae7f0-image.png

            V 1 Reply Last reply Reply Quote 0
            • V
              viragomann @skenigma
              last edited by

              @skenigma
              Is the monitoring enabled for the primary gateway?

              Check Status > Gatewayx. Are both WAN gateways shown up as online (monitored)?

              S 1 Reply Last reply Reply Quote 0
              • S
                skenigma @viragomann
                last edited by

                @viragomann

                Yes Both Are Monitored.

                4bdfeb6f-aa51-4960-b4ca-7e359fe454ff-image.png

                e8657d74-a8f8-406b-a469-d07307013cf6-image.png

                M 1 Reply Last reply Reply Quote 0
                • M
                  marcg @skenigma
                  last edited by

                  @skenigma check your DM/chat

                  S 1 Reply Last reply Reply Quote 0
                  • S
                    skenigma @marcg
                    last edited by

                    Looks like I may have found my issues.

                    1. I had setup a policy route for testing the connection. I had also deleted that route before opening this request here so I had discarded it. But I think because my computer that was used for the test kept re-establishing sessions, the state table kept re-adding the states.

                    I have since killed all states after bringing the secondary connection back online (I kept it unplugged unless testing as I didn't want to kill my metered connection) and rebooted the computer that was used in testing. now the only states I am seeing on the secondary are the expected ones for gateway monitoring.

                    Thank you @marcg and @viragomann for your assistance.

                    1 Reply Last reply Reply Quote 1
                    • S
                      skenigma
                      last edited by

                      Looks like this is starting to happen again.

                      However it is limited, only some traffic is being routed over the backup connections.

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.