On 11/22/2011 5:11 PM, Jim Pingle wrote:
> On 11/22/2011 7:45 PM, Dave Warren wrote:
>> Is there any way to tell pfSense that these entries should represent
>> interface IPs rather than hardcoding specific IPs?
> I don't recall if we reject the syntax in the GUI, but I believe relayd
> supports using a hostname for such parameters. If you use a dyndns
> hostname for that WAN, you might try using it there.

I do have dynamic DNS for both the public interfaces (or can, without much hassle. Right now I have one hostname that points to either of the interfaces based on external failover management).

However, the UI doesn't accept hostnames.

> I've only used it with static IPs so I'm not sure how that will react
> there. It may not get automatically reloaded when a WAN IP changes, but
> it's worth trying.

Worse, it needs to wait until about 75 seconds after the WAN IP changes to allow for the Dynamic DNS system to update and TTLs to expire. Doing it natively would be cleaner, although this might work if relayd is smart enough to accept hostnames and notice when said hostnames change.

All that being said, I should note that I'm not even that picky about how quickly it works; IP changes on the primary connection are infrequent enough that it's just not a big deal. IP changes on the backup connection are frequent, but a bit of downtime there only matters when the primary connection is down, and failovers already take 1-5 minutes.

> Even if the GUI input validation rejects it, it'd be worth trying to
> disable that validation to see if it actually works in relayd.conf

What's the best way to do that? Can I hack the backup file and upload it (I've used that to bypass certain UI limitations in the past), or am I looking at hax0ring files on the pfSense box?

--
Dave Warren, CEO
Hire A Hit Consulting Services
http://ca.linkedin.com/in/davejwarren
