====== Multi-WAN with opnSense ======

opnSense make it pretty easy to support and manage multiple Internet Service Providers (ISP), also called //multi-wan//. 

The basic idea is that you have two (or more...) upstream connections to the internet, via different providers. Each one is connected to your opnSense using a specific dedicated interface, ethernet or USB/Ethernet.

I will assume the following:
  * ISP1 is connected to ethernet port 1, interface called WAN
  * ISP2 is connected to ethernet port 2, interface called ISP2

opnSense lets you configure your interfaces both for **failover** and **load balancing**. I will show you how to set them up for **failover**.

=== Failover ===

You will use your primary ISP (faster, better?) as usual, but when it goes down, the secondary ISP (slower maybe?) will kick-in and replace it until it comes back up. This is all automatically managed by opnSense, all you need to do is:
  * Configure the gateway for each ISP
  * Assign a test IP for each gateway
  * Define a gateway group, assign both gateways with different priority

The complete process is described pretty well [[https://docs.opnsense.org/manual/how-tos/multiwan.html|here]] and i will not get into details. 

A few notes, which might save you time:
  * Remember to assign different test IPs, and use test IPs which are __solid__ like google or cloudflare's DNS services
  * Remember to **enable** the IP checking, of the gateway will __not__ be tested for connectivity by default

Also, something which proved useful to me, was to configure Unbound DNS forwarder using public DNS records which are **not** linked to a specific ISP, like the google or cloudflare or even AdGuard DNS servers.