unbound outgoing-interface failover for dual WAN

I've been trying to figure this one out.
I'm using FreeBSD 11.2-RELEASE-p10 amd64, unbound Version 1.9.1
I have dual WAN, but one is solely for failover (no DNS queries should occur on failover while primary WAN is up).

Is there any way to only use the primary WAN as the outgoing-interface until it fails (timeouts on DNS for example?)
- And only then to start using the failover outgoing-interface?
- And then to return to primary outgoing-interface usage when it is available again?

Or a way to have multiple outgoing-interfaces, but with priorities? Only use the lower priority interface if a higher priority interface doesn't respond within a time-period?

I'm apologizing in advance if there is an easy answer to this question, but I've been looking for several days without finding a solution.
 
Is there any way to only use the primary WAN as the outgoing-interface until it fails (timeouts on DNS for example?)
- And only then to start using the failover outgoing-interface?
- And then to return to primary outgoing-interface usage when it is available again?

Or a way to have multiple outgoing-interfaces, but with priorities? Only use the lower priority interface if a higher priority interface doesn't respond within a time-period?
Have a look at lagg(4).

31.7. Link Aggregation and Failover
 
This is on a pfSense distribution and currently I am using their "interface groups" for the dualWAN (and apparently "interface groups" is not LAGG based).
They do have the ability to configure LAGG, and I can see how LAGG will address the DNS problem.
I have some reading to do.
Thank you for the suggestion.
 
I understand and had read this... This was posed to the pfSense community two weeks ago, and I am now trying to follow up with them regarding issues with LAGG and "interface groups". And when posing the question here, I tried to remove all "pfSense-ness" from it.
I believe this followup is a legit FreeBSD question:
  • Are there any details on the lagg failover statement "If the master port becomes unavailable, the next active port is used."?
    • It appears (from reading the man page) to recognize only "link down" as "unavailable"
    • There is no inherent link monitoring (ping) capability?
Thank you again for the suggestion.
 