Tom here from Lawrence Systems, and we're going to talk about monitoring, or ping monitoring, your gateway with pfSense, how the logging works for that, and what you should be setting in those particular options. Well, just kind of an expanded view of that, because it's a pretty important feature, not just if you have a single gateway, but even more so important if you have multiple gateways and you want to either load balance or have a failover group.

Now we're gonna start here at the documentation: a gateway is a system through which pfSense software can reach the internet or another network. So if multiple WANs are in use, or multiple paths to the internet via different gateways, the associated gateways must be defined. Gateways must also be defined for networks reachable via static routes. So what we're gonna do is show you exactly how to modify the settings, see the default settings, and when you do or do not need to modify those settings. So when editing a gateway, the following settings may be defined: interface, address family, name (no spaces or special characters), etc.
And I'll leave a link to this so you can go through here. Now, there's a couple of things we're gonna talk about, and this is beyond the scope of this, but they do have a link, and I do have videos on this, and we'll be doing some updated ones soon on load balancing. We're not gonna get deep into that, but I will mention that this is all in that same location as that information.

We're gonna go look at my firewall directly. This right here is my home firewall, and the default for the gateway monitoring is going to be the default WAN DHCP address. That's just how pfSense grabs it by default. So if it says DHCP, it's gonna grab whatever gateway address was handed to it; if you have a static IP address that you're assigning, or even a block of IP addresses, the gateway still becomes the default IP you monitor. Now, you may or may not want that, and the reason why is it kind of depends on how you're being provisioned internet.

So let's say we have a scenario where we have two different ISPs coming in, and we have a client with this exact scenario: one has fiber, the backup is cable. The fiber has a block of IPs, and the first gateway happens to be the box that they essentially provided that's provisioning the fiber. So the fiber comes in, goes to the box, the gateway is there. That means if the fiber line is cut, the gateway still pings, so it doesn't know to fail over to the cable modem that is their secondary internet connection. That is an instance where you want to update, and we're going to show you how to modify what you're pinging for the IP address and what happens in those scenarios.

Another scenario you may see is some of the LTE devices, or different provisioned devices that provide backup internet, may not allow for assigning the WAN a public IP address in the gateway. So the gateway is the LTE device. Same instance: if the LTE device goes down in terms of its connectivity, you don't want it to ping the LTE device. You want to ping at least one hop
past that LTE device that may be providing internet. So if you have a cellular backup instance like that, or a fiber backup where it's on site and you're monitoring that local IP, that doesn't really tell you that anything went down. And it doesn't usually ever have any packet loss unless there's something wrong with the physical layer between that connection to that box and the pfSense, which is just a rare scenario. It's just not something that happens. So in those scenarios you want to go one more hop out, whatever that next hop is going to be, so you can find a steady connection and say, all right, that's what I want to monitor.

Now, I've seen people say, well, can't you just use like Cloudflare DNS because it responds to ping, or Google DNS because it responds to ping? Yes, you can. The problem is that doesn't necessarily always tell you that the gateway is down. And I say that because if something goes on with that particular IP address and it goes down, it will give you bad information and tell you that the gateway's down, if there's latency getting to only that particular DNS because they have an outage, or really any IP address you put in to ping. I just use those as examples because they do respond to ping requests. Anything that you put in that responds to ping requests, you're really only checking the latency and connectivity to that particular IP. So it may or may not be the right scenario that you're looking for in terms of monitoring it. So generally you go within the network that is providing the internet and you'll go one hop in, or, in case the hop is local to you, one more hop, so the second hop.

All right, let's talk about the settings and actually what it looks like. So as I said, I'm assigned a public IP address via my cable internet service provider, and I just have it set to DHCP. I don't have static IP at home.
Don't need it. And then the gateway is 69.14.60.1, and good news is they do support ICMP, so I can ping them and they do respond, because that's another important thing. It's rare, but I mean, I'm not going to say it's never happened, where you find some providers not providing proper ICMP replies. So that is obviously kind of a prerequisite here.

So let's go here, and we can see that WAN, address family, name WAN DHCP, gateway is dynamic because it's all set up that way. Now, we can disable this; we can just turn off gateway monitoring if you want. We can disable the gateway monitoring action, and if it was in a gateway group (and you can refer to how to set up like a load balance group or a failover group), that would be another way that you could say, well, I don't want this monitor action to have an effect on that.

But now let's go down here, and we have advanced turned on. Now, the default latency low and high thresholds: I have the latency thresholds set to 100 and 500 because, to me, and I was having some kind of unusual issues, that's why I adjusted it down. You don't always want that, and maybe if you're using a satellite connection you'll have to actually adjust these higher, because those are generally higher latency connections. But you don't always want it to throw an error every time a ping goes over 100. But because of a particular problem I was trying to trace, I found it really odd, and I was having issues with my particular internet connection, which is kind of what brought about this video: some of the tracing I was doing on this.

Now, the other thing I have set is, by default it has to lose up to 10 packets to declare that it has reached a packet loss threshold, so 3 is alarm, 10 is member down or complete loss. And the same thing with here: a latency that exceeds 100, that's alarm; a latency that exceeds 500,
I consider, well, that's the default, that is what I consider loss. And now, if this was in a gateway group (I only have a single provider at home, but if it was in a gateway group), these are the triggers that you're setting to, one, log it, and two, determine that you should be pushing data over the other gateway. In the event that you have these set up like a failover group, these are those thresholds you're setting. And then they also have how often it should ICMP probe; it's set to a default of 500. Loss interval, time: I leave the rest at the defaults, and for the most part you can probably always leave it at the defaults, with a few exceptions.

And one of the things that's really important to remember is latency is a really interesting thing you have to think about, because you may have no problems at all with that 200 setting for latency, and generally speaking you're not, unless you're doing a lot of voice. If you're doing a lot of voice traffic, well, that can be a problem. Or maybe, in my case, we're playing games and we can't figure out why we're getting high latency. And there's nothing more rage inducing than high latency causing problems in the game, and that online game not working the way you want. So we did some monitoring.

Now, what does that look like? Well, we go over here and we're gonna go over to system logs and then the gateway, and you can see some of the dates that I had these issues. Now, I was experiencing a little bit of packet loss here and there, so I had 12% here, 12% here, and a couple different days. It turns out just resetting the modem made all of these problems go away, but they were just kind of random for a couple days. So it happened on May 20th, May 24th, and then again on May 27th, which was just the other day. I reset it and it didn't happen again. I don't know, but this is one of those things where you're contacting the cable company, they always, you know, they just say to reset it; that's usually their generic answer, but you probably want some logs as you
want to be more definitive on how often it's happening. And also, this helps to determine whether or not it's your computer's connection on the network or is it the system itself. And this is a nice feature I like in pfSense, being able to monitor this and have this information.

Now, the other thing you can do, when I go to the front page on here, is you can have the gateway monitor on there. And the nice thing is it's a quick way to grab and look and say, all right, this is what it's pinging, this is what its current loss is, and you can get the idea really quickly, and status: online. Now, when you adjust those settings, it'll give you that status, because the status could be like packet loss or latency on there. But it's pretty straightforward to set this up, it's not hard to do, and I like that it creates these logs, because then you have a little bit more definitive information.

Years ago, I had used this to help determine a really strange issue that the people from my cable provider were really, they were interested, because I had logged it for so long, that every day between roughly two and three o'clock I was getting consistent packet loss on an absolute daily basis. And by using this to see that it just happened exactly at the same time every day, with a couple exceptions, they would have that problem. Well, it didn't happen on days that were cloudy, as it turned out. So I was correlating this with weather data, and it turns out they had a box that was overheating, and when the sun was hitting it at the right angle between houses, is their theory, because they had to replace an entire circuit, essentially.
They assume it was just overheating. It was dropping for like 10 and 15, 20 minutes at a time, always around two o'clock every day, which was when the sun was hitting it, but on cloudy days it didn't overheat. And this was in the summer, and this was going on for a week, and it was a really puzzling problem for them.

But having this set up, it's pretty straightforward to set up. It's easy to tune, and you have to tune it based on your use case, and, you know, having logs is everything. I know there's plenty of other tools to monitor gateways and link monitoring and ping plotting and things like that, but it's nice that this is built into pfSense. It's a nice quick look when you're trying to solve a latency issue or that.

It's also something that you may want to think about fine-tuning, because we've had people trying to figure out why they didn't fail over, and I'm like, because you're pinging the default gateway. And they're like, yeah, that's what I should do. I'm like, no, that default gateway's that fiber box in your rack. When someone cut the fiber line in a basement, it's not pinging out any further, so it didn't instantly fail over to your backup connection because of that. So we had to put it one hop out. So there's, you know, edge case scenarios where you do have to make some modifications to it.

I just wanted to raise some awareness and kind of do an explainer of how that works. I will be doing some future videos, though, related to load balancing and how that works, because, same thing, you want to push connections to whatever connection has the lowest latency, and that is something you can do by adjusting the settings, like they say in the documentation. That'll be a future video and goes beyond the scope of this particular talk. Thanks.