Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Loadbalancing no go and PFsense crashes

    Scheduled Pinned Locked Moved Routing and Multi WAN
    25 Posts 5 Posters 13.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H Offline
      hoba
      last edited by

      Do you actually use the pool as gateway in your firewallrules?

      1 Reply Last reply Reply Quote 0
      • M Offline
        msatter
        last edited by

        That is correct and I have more information en conducted some tests.

        When I startup the computer and look at the consolle it will state on the line for the firewall starting the different rules however it also stat 4 times "bad adress: balancer"

        balancer is the name of the load balance pool and that also occured when it was Load_balancer.

        Secondly I can ping from ont het PFsense prompt to gateway and then the first point behind the gateway toe the first adress of "IP adress block" and on the other I can only ping the gateway and external adresses. I don't get that.

        I hope this information helps to find the problem why the load balance pool will not activate automaticly and why the backup won't work and that round-robin won't work?

        Marcel

        @hoba:

        Do you actually use the pool as gateway in your firewallrules?

        1 Reply Last reply Reply Quote 0
        • H Offline
          hoba
          last edited by

          I might have a quick look at your setup if you catch me at IRC (freenode, ##pfsense). You really must be having set up something wrong.

          1 Reply Last reply Reply Quote 0
          • M Offline
            msatter
            last edited by

            Thanks Hoba,

            I have send you by mail the config.xml and I will try a factory reset and only configure lan,want,opt and loadbalance pool and no rules….yet.

            Marcel

            @hoba:

            I might have a quick look at your setup if you catch me at IRC (freenode, ##pfsense). You really must be having set up something wrong.

            1 Reply Last reply Reply Quote 0
            • H Offline
              hoba
              last edited by

              • Disable advanced outbound NAT or add an outbound NAT rule for your SDSL interface
              • For the pool you have to use the GATEWAY IPs, not the interface IPs (in your case you can use the same gateway IP and monitor IP; for WAN it's 195.xx.xx.185, for SDSL it's 82.xx.xx.49)
              • Change your firewallrules at LAN to use either the default gatewy, the sdslgateway or the pool (depending how you want tu utilize your bandwidth)

              Btw, I already have asked you several times if you really use the Gateway IPs and not the Interface IPs  ::)
              The way you have set it up you send your routing into a kind of loopback mode which leads to a crash and due to the missing outbound nat rule for SDSL Interface it was not working beyond the SDSL subnet.

              1 Reply Last reply Reply Quote 0
              • M Offline
                msatter
                last edited by

                Danke schön Huba!!! It works like a charm. I used a clean installation to test it so I will try tomorrow to use my original config file.

                I will write more tomorrow when I have tested it with the old configuration that will adapt to the working situation.

                5 Mbit that is a nice speed so surft over the Internet.

                Vielen danke nochmals für die super Hilfe!! /  A lot of thanks for the super help again!!

                Marcel  :)

                1 Reply Last reply Reply Quote 0
                • H Offline
                  hoba
                  last edited by

                  Nice  :D

                  1 Reply Last reply Reply Quote 0
                  • S Offline
                    sullrich
                    last edited by

                    Now since we took so much time to help you, please help us by imprvoing the documentation on the wiki.  Please correct whatever load balancing related items that did not make sense but do now.

                    1 Reply Last reply Reply Quote 0
                    • H Offline
                      hoba
                      last edited by

                      http://wiki.pfsense.com/wikka.php?wakka=OutgoingLoadBalancing

                      1 Reply Last reply Reply Quote 0
                      • M Offline
                        msatter
                        last edited by

                        Will do and my problem was that my brain would not see GW and IP as the same thing so when I read it it automaiticly splits in to different things.

                        In PFsense they can be the same when it is concerning loadbalance.

                        I will adapt the document so it will be dummy proof and I also suggest some extra tekst in the screen where you can setup the loadbalance.

                        I have been busy today to make a clean install of PF and I don't understand the NAT bit because it is running correct without it and Huba suggested me to make an outbound NAT rule on Wan2 and to disable advanced outbound NAT….ehm have you ever tried to do that? I think you will have to manually edit the config file to do that it is not posible to achieve that in the webinterface.

                        I have now nog NAT active because I cant switch it off when I activate it.

                        My next item is Squid and the loadbalancer because I love that programme. I tried it and it only wanted to go to the standard gateway and not use the loadbalance pool. I saw some information ablout the localadress (127.0.0.1) and port 666. I read in the forum and it became clear to me that it would not be easy to archieve that.

                        My question is if it is posible to see the loadbalance pool as an uplink proxy and adress it through a addres and port?

                        I will make my suggestions next week and I wish you all a very nice and rexaling weekend!

                        Marcel

                        ps. I had already today people that tried to get in to the firewall through port 222, I am sorry it is still closed and will remain that way  ;D

                        1 Reply Last reply Reply Quote 0
                        • H Offline
                          hoba
                          last edited by

                          @msatter:

                          I have been busy today to make a clean install of PF and I don't understand the NAT bit because it is running correct without it and Huba suggested me to make an outbound NAT rule on Wan2 and to disable advanced outbound NAT….ehm have you ever tried to do that? I think you will have to manually edit the config file to do that it is not posible to achieve that in the webinterface.

                          I said either or. If you turn advanced outbound NAT off, it does set up NATs for all interfaces with gateway automatically.
                          If you need advanced outbound NAT for some reason (like having multiple public IPs for example) you have to create a rule for all your WANs so the traffic gets natted.

                          @msatter:

                          My next item is Squid and the loadbalancer because I love that programme. I tried it and it only wanted to go to the standard gateway and not use the loadbalance pool. I saw some information ablout the localadress (127.0.0.1) and port 666. I read in the forum and it became clear to me that it would not be easy to archieve that.

                          My question is if it is posible to see the loadbalance pool as an uplink proxy and adress it through a addres and port?

                          This won't work, only connection THROUGH the pfSense will be loadbalanced. Connections originating from the pfSense itself (like squid) can't use the pool. You can set up an external squidbox inside your LAN that goes through the box and thus will be balanced.

                          @msatter:

                          I will make my suggestions next week and I wish you all a very nice and rexaling weekend!

                          Same to you  :D

                          1 Reply Last reply Reply Quote 0
                          • M Offline
                            Mercredi
                            last edited by

                            really interesting discussion and hoba's answers. thank you all. (while creating loadbalansing pool and using instructions i also thinked that it would be great to improve documentation and to add some texts in the user interface of pfsense)

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.