Archives/opensense-docs
2
0
Fork 0
mirror of https://github.com/opnsense/docs synced 2024-10-30 21:20:20 +00:00
Code Issues Projects Releases Wiki Activity

System: Gateways: Group - better explain groups and point to the requirement of addresses. closes https://github.com/opnsense/docs/issues/513

Browse Source
This commit is contained in:
Ad Schellevis 2023-11-05 11:43:40 +01:00
parent bcb0368cc4
commit 03b004d1b5
1 changed files with 46 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
source/manual/multiwan.rst
View File

@ -8,9 +8,9 @@ are also possible with OPNsense.
:desctable:
blockdiag {
WAN_primary -- OPNsense;
OPNsense -- WAN_backup;
internet -- WAN_primary;
OPNsense -- WAN_primary;
WAN_primary -- internet;
WAN_backup -- internet;
internet [shape="cloud"];
WAN_primary [shape="cisco.modem",label=""];
@ -18,27 +18,65 @@ are also possible with OPNsense.
}
------------
The technology used to offer multiwan is called "policy based routing" or "source routing" and depends on the :doc:`firewall </manual/firewall>` functionality of OPNsense.
.. Note::
Currently it's not possible to use gateways without an address (Interface option "Dynamic gateway policy") inside a group.
This is due to the fact that the firewall requires an address of the right family (IPv4 / IPv6) to be present on the
interface, which can not be guranteed based on its configuration at the moment.
------------------------
Terminology
------------------------
When configuring gatew groups, there is a limited number of options and terms being used. Besides the name
of the group, one can find the following terms on the page:
=====================================================================================================================
==================================== ===============================================================================
Gateway Priority If a gateway is configured for a group, the 'when' part is divided into
'tiers,' with lower numbers (starting at 1) indicating higher importance.
When no usable gateways are present within a peer, the next one is
considered.
Trigger Level When a gateway inside the tier is considered offline, either when its
fully down, has loss or increased latency.
Pool Options Usually left to default, but can influence stickyness for sources on
a per group basis.
==================================== ===============================================================================
------------------------
Roles
------------------------
Using 'tiers', multiple scenarios can be constructed, by grouping gateways inside the same tier or choosing
to move them to different ones. Below the most common scenarios.
........................................
WAN Failover
------------
........................................
WAN failover automatically switches between WAN connections in case of connectivity
loss (or high latency) of your primary ISP. As long as the connection is not good
all traffic will be routed of the next available ISP/WAN connection and when
connectivity is fully restored so will the routing switch back to the primary ISP.
------------------
........................................
WAN Load Balancing
------------------
........................................
Load balancing can be used to split the load between two (or more) ISPs. This
enhances the total available bandwidth and/or lowers the load on each ISP.
The principle is simple: Each WAN connection (gateway) gets a portion of the traffic.
The traffic can be divided equally or weighted.
------------------------------
........................................
Combining Balancing & Failover
------------------------------
........................................
It is also possible to combine Load Balancing with Failover in such scenarios
you will have 2 or more WAN connections for Balancing purposes and 1 or more for
Failover. OPNsense offers 5 tiers (Failover groups) each tier can hold multiple