Suggestions for logging firewall connections - without hitting 4096 byte limit

I have a user who has multiple WAN connections, and when one goes down and it fails over, it can cause issues with active UDP connections. To help debug this better, I could do with getting a packet capture and dumping the connections to a file (or elsewhere). Ideally I want to script this so the user can run a script to get the necessary debug info.

I would like to write this to a file but I believe this will hit the 4096 byte limit.

Any suggestions?

Thanks

Do you mind the orphan established connections in your firewall, or invalid packets coming to it when he moves to the other WAN? Or what exactly is the problem you want to solve? Just for logging, you can create a log rule and save the results into a specific file, or you can send it to a log server where there could be plenty of space for the files.
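One way to collect the debug material the question asks for (connection table dump, packet capture, and logs sent off-box), as an added example that is not part of this thread. It assumes the firewall is MikroTik RouterOS (the 4096 byte limit and the masquerade/mangle wording point that way), and the interface names WAN1/WAN2, the file names, and the syslog host 192.0.2.10 are placeholders.

```routeros
# Added example, not from the thread. Assumes MikroTik RouterOS; WAN1, WAN2,
# the file names and the syslog host 192.0.2.10 are hypothetical placeholders.

# 1. Dump the whole connection table straight to a file.
#    "print file=" writes to storage instead of building the output in a
#    script variable, which is where the 4096 byte limit bites, so the dump
#    can be as large as the connection table.
/ip firewall connection print detail file=conn-dump

# 2. Capture UDP leaving either WAN while the user reproduces the failover.
#    file-limit is in KiB; raise it if the capture window is long.
/tool sniffer set file-name=udp-failover filter-interface=WAN1,WAN2 filter-ip-protocol=udp file-limit=50000
/tool sniffer start
:delay 60s
/tool sniffer stop

# 3. Log forwarded UDP and ship the firewall log topic to a remote syslog
#    host, so nothing depends on the router's in-memory log buffer.
/system logging action add name=remote-syslog target=remote remote=192.0.2.10 remote-port=514
/system logging add topics=firewall action=remote-syslog
/ip firewall filter add chain=forward protocol=udp out-interface=WAN1 action=log log-prefix="udp-wan1" place-before=0
/ip firewall filter add chain=forward protocol=udp out-interface=WAN2 action=log log-prefix="udp-wan2" place-before=0

# 4. Optional: push the dump and the capture to the same host over FTP
#    (credentials are placeholders).
/tool fetch upload=yes mode=ftp address=192.0.2.10 user=debug password=debug src-path=conn-dump.txt dst-path=conn-dump.txt
/tool fetch upload=yes mode=ftp address=192.0.2.10 user=debug password=debug src-path=udp-failover.pcap dst-path=udp-failover.pcap
```

The log rules are placed at the top of the forward chain with `place-before=0` so that an earlier accept rule does not skip them; remove them and the sniffer settings once the capture is done, since logging every UDP forward is noisy and the sniffer file competes with the router's storage.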

The scenario is as follows:

WAN1 fails. A script changes route priorities and clears connections, traffic begins to flow over WAN2.

WAN1 then comes back up. Route priorities are adjusted and connections clear. Traffic then begins to flow back over WAN1. However, some of the connections will be leaving WAN1’s interface with WAN2’s IP, which is incorrect.

Cheers

Assuming that masquerade is set correctly and the interfaces have the correct IPs, check the routing rules; maybe the wrong address is there (forgotten while copying the rules?), or maybe there is some other IP-changing rule somewhere, or some mangling is still wrongly in place… Hard to guess.
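The checks suggested in the reply above, written out as RouterOS commands. This is an added example, not part of the thread or the poster's configuration; it assumes RouterOS, the interface names WAN1/WAN2, and the documentation addresses 203.0.113.10 (WAN1) and 198.51.100.10 (WAN2).

```routeros
# Added example, not from the thread. Assumes RouterOS; WAN1/WAN2 and the
# addresses 203.0.113.10 (WAN1) and 198.51.100.10 (WAN2) are placeholders.

# One masquerade rule per WAN interface, so the source NAT is chosen by the
# interface the packet actually leaves on rather than by a blanket rule.
/ip firewall nat add chain=srcnat out-interface=WAN1 action=masquerade comment="WAN1 masq"
/ip firewall nat add chain=srcnat out-interface=WAN2 action=masquerade comment="WAN2 masq"

# After fail-back, look for the causes named in the reply:

# a) an srcnat rule that hard-codes an address (src-nat with to-addresses)
#    instead of masquerading; a copied rule may still carry WAN2's address
/ip firewall nat print where chain=srcnat action=src-nat

# b) mangle rules still active, e.g. a routing-mark that steers traffic out WAN2
/ip firewall mangle print where disabled=no

# c) default routes: WAN1's route must again have the lower distance
/ip route print where dst-address=0.0.0.0/0

# d) connections whose NAT mapping was created while WAN2 was primary.
#    Their reply-dst-address is WAN2's public IP; packets for these flows
#    keep that IP as source even once the route points back to WAN1.
/ip firewall connection print where reply-dst-address~"^198.51.100.10:"

# e) clear only those stale mappings instead of the whole table
/ip firewall connection remove [find reply-dst-address~"^198.51.100.10:"]
```

Check (d) is the one that distinguishes a routing mistake from leftover connection state: if the listed flows are exactly the ones seen leaving WAN1 with WAN2's IP, the failover script is clearing connections before the route change rather than after it, or is not clearing the UDP entries at all.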

Hi Jarda,

Thanks. I will dump the config and post it back later.

Cheers