mirror of
https://github.com/opnsense/docs
synced 2024-10-30 21:20:20 +00:00
System: Gateways: Group - better explain groups and point to the requirement of addresses. closes https://github.com/opnsense/docs/issues/513
This commit is contained in:
parent
bcb0368cc4
commit
03b004d1b5
@ -8,9 +8,9 @@ are also possible with OPNsense.
|
|||||||
:desctable:
|
:desctable:
|
||||||
|
|
||||||
blockdiag {
|
blockdiag {
|
||||||
WAN_primary -- OPNsense;
|
|
||||||
OPNsense -- WAN_backup;
|
OPNsense -- WAN_backup;
|
||||||
internet -- WAN_primary;
|
OPNsense -- WAN_primary;
|
||||||
|
WAN_primary -- internet;
|
||||||
WAN_backup -- internet;
|
WAN_backup -- internet;
|
||||||
internet [shape="cloud"];
|
internet [shape="cloud"];
|
||||||
WAN_primary [shape="cisco.modem",label=""];
|
WAN_primary [shape="cisco.modem",label=""];
|
||||||
@ -18,27 +18,65 @@ are also possible with OPNsense.
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
------------
|
The technology used to offer multiwan is called "policy based routing" or "source routing" and depends on the :doc:`firewall </manual/firewall>` functionality of OPNsense.
|
||||||
|
|
||||||
|
|
||||||
|
.. Note::
|
||||||
|
Currently it's not possible to use gateways without an address (Interface option "Dynamic gateway policy") inside a group.
|
||||||
|
This is due to the fact that the firewall requires an address of the right family (IPv4 / IPv6) to be present on the
|
||||||
|
interface, which can not be guranteed based on its configuration at the moment.
|
||||||
|
|
||||||
|
|
||||||
|
------------------------
|
||||||
|
Terminology
|
||||||
|
------------------------
|
||||||
|
|
||||||
|
When configuring gatew groups, there is a limited number of options and terms being used. Besides the name
|
||||||
|
of the group, one can find the following terms on the page:
|
||||||
|
|
||||||
|
=====================================================================================================================
|
||||||
|
|
||||||
|
==================================== ===============================================================================
|
||||||
|
Gateway Priority If a gateway is configured for a group, the 'when' part is divided into
|
||||||
|
'tiers,' with lower numbers (starting at 1) indicating higher importance.
|
||||||
|
When no usable gateways are present within a peer, the next one is
|
||||||
|
considered.
|
||||||
|
Trigger Level When a gateway inside the tier is considered offline, either when its
|
||||||
|
fully down, has loss or increased latency.
|
||||||
|
Pool Options Usually left to default, but can influence stickyness for sources on
|
||||||
|
a per group basis.
|
||||||
|
==================================== ===============================================================================
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
------------------------
|
||||||
|
Roles
|
||||||
|
------------------------
|
||||||
|
|
||||||
|
Using 'tiers', multiple scenarios can be constructed, by grouping gateways inside the same tier or choosing
|
||||||
|
to move them to different ones. Below the most common scenarios.
|
||||||
|
|
||||||
|
........................................
|
||||||
WAN Failover
|
WAN Failover
|
||||||
------------
|
........................................
|
||||||
WAN failover automatically switches between WAN connections in case of connectivity
|
WAN failover automatically switches between WAN connections in case of connectivity
|
||||||
loss (or high latency) of your primary ISP. As long as the connection is not good
|
loss (or high latency) of your primary ISP. As long as the connection is not good
|
||||||
all traffic will be routed of the next available ISP/WAN connection and when
|
all traffic will be routed of the next available ISP/WAN connection and when
|
||||||
connectivity is fully restored so will the routing switch back to the primary ISP.
|
connectivity is fully restored so will the routing switch back to the primary ISP.
|
||||||
|
|
||||||
|
|
||||||
------------------
|
........................................
|
||||||
WAN Load Balancing
|
WAN Load Balancing
|
||||||
------------------
|
........................................
|
||||||
Load balancing can be used to split the load between two (or more) ISPs. This
|
Load balancing can be used to split the load between two (or more) ISPs. This
|
||||||
enhances the total available bandwidth and/or lowers the load on each ISP.
|
enhances the total available bandwidth and/or lowers the load on each ISP.
|
||||||
|
|
||||||
The principle is simple: Each WAN connection (gateway) gets a portion of the traffic.
|
The principle is simple: Each WAN connection (gateway) gets a portion of the traffic.
|
||||||
The traffic can be divided equally or weighted.
|
The traffic can be divided equally or weighted.
|
||||||
|
|
||||||
------------------------------
|
........................................
|
||||||
Combining Balancing & Failover
|
Combining Balancing & Failover
|
||||||
------------------------------
|
........................................
|
||||||
It is also possible to combine Load Balancing with Failover in such scenarios
|
It is also possible to combine Load Balancing with Failover in such scenarios
|
||||||
you will have 2 or more WAN connections for Balancing purposes and 1 or more for
|
you will have 2 or more WAN connections for Balancing purposes and 1 or more for
|
||||||
Failover. OPNsense offers 5 tiers (Failover groups) each tier can hold multiple
|
Failover. OPNsense offers 5 tiers (Failover groups) each tier can hold multiple
|
||||||
|
Loading…
Reference in New Issue
Block a user