Help with Multiple WAN setup.
-
Have a look at http://doc.pfsense.org/index.php/Multi-Wan/Load-Balancing
-
Have a look at http://doc.pfsense.org/index.php/Multi-Wan/Load-Balancing
Hi hoba, yeha I did have a look at that link but its a tutorial for a DHCP setup which is not what i'm setting up. Would the load balancer and firewall rules be the same for static IPs as they would for DHCP?
-
Yes, the only difference is the interface>wan and interface>optwan configuration. You configure them static there instead of DHCP. The rest is exactly the same.
-
Ok thanks everyone for the help. I think i'm nearly there. I'm having one problem though with our wireless broadband connection.
The thing is it connects to an antenna on the roof, then connects from their to the bas station. There is no gateway interface to change any of the connection settings.
We connect using (examples):
IP: 89.16.71.84
GW: 89.16.71.1
DNS1: 213.168.233.7
DNS2: 213.168.233.6Now in my Opt1 settings, i'm setting it as static and inputting IP and GW shown above, but there is no option to add the DNS IP addresses? I can't connect to the internet on this connection? In my status/interfaces settings (i've attached a screenshot) it shows that is isn't picking up the DNS servers which i'm guessing is the reason I have no internet connection. Is there a way to tell pfSense what the DNS servers are for a specific connection?
If not, is there a possible solution to my problem?
-
At system>general uncheck the "allow to override DNSservers by DHCP/PPPOE" box and add your DNS Servers there. For Redundancy you should use one from WAN and one from OPTWAN. You'll need a static route for the DNS-server at OPTWAN to be routed out through OPTWAN.
-
what do I do if I have 3 WANs? I'm going to be load balancing 2 WAN connections from the same ISP and a 3rd wireless connection. How can I set up the DNS for this?
One thing also, the 2 ISP connections share the same DNS addresses, is this going to be an issue when load balancing them?
-
We are working on making the dns server fields more multiwanfriendly atm (adding more fields and adding a dropdown next to it to dtermine which connection they belong to to automatically create the needed routes nbehind the scenes). However in the meantime setup the dns like I said earlier. You can edit the config.xml to hold more DNS items if you really expect 2 links to fail simultaneously.
-
Its not that I expect them to fail, more will leaving out any of the DNS addresses affect the correct load balancing of the 3 lines?
-
Ok well i've gotten both the wireless line and one of the router lines set up and load balanced. I now need to setup failover. Has the option to set up failover been removed from the load balancing section? Is it located somewhere else?
Attached is a screenshot of the load balancing configuration screen in my version of pfSense, and below is the screenshot from the tutorial I was following to set up load balancing.
http://doc.pfsense.org/index.php/Image:EditPool.jpg
You can see there is a section called "behaviour" that has been removed or is not available in the screenshot i've attached.
-
The failovercode can only be found in the latest snapshots. Please upgrade. You'll find them at http://snapshots.pfsense.com/FreeBSD6/RELENG_1/
-
Ok, i'll update to the latest snapshot. I'm having some other weird problem now. When I set the wireless internet line up as the main connection (WAN) I have internet access. When I set the main routered connection as the WAN connection I have internet access, but when I set them up together and load balance them my internet connection is intermittant, sometimes it connects sometimes it doesn't. I'll have pages where they'll begin to load then half the pictures won't display.
I've attached the connection logs below, the ICE connection is my wireless connection. Maybe you can explain whats going on with my LAN connection, it seems very odd.
-
Ok I upgraded to the latest release. I'm not getting this error in my status>interfaces section for the wireless ICE line, it says "Status: no carrier". Do you have any information on why it would be giving this error?
-
Make sure your pools don't go up and down and up and down due to bad quality links. If pings to the monitor IPs fail the link will be excluded from the pool. You can try to setup local monitor IPs, just to test if this is the case. It won't detect a dead link then of course.
No carrier means no cable plugged in. No link.
-
thanks again. Yeah the cable was loose at the back of the pc, i've since replaced it and the error is gone. The connection with the wireless DSL line is too intermittant at the moment, so i'm going to exclude it from the pool until our suppliers can guarantee a better service. i might throw it into the pool as a worst case scenario failover, whereby its only used when both of the other lines fail.
Is there a way of telling pfSense to not exclude a connection from the pool? Will it ever include it again?
Ok well, since removing the wireless connection, I've set up both of the routered DSL lines to be load balanced. However the load balancing does not seem to be working. I've tried both connection on the "WAN" connection alone and I can get access to the internet, but when I set either connection up as opt1 I can't get internet access. I've attached some screenshots below of the loadbalancing rules, the static route rule and the status/load balancing screen.
The only reason I can imagine that this problem is happening is that both connection share the same DNS servers. But i've assigned one DNS server to each and testing the failover by just unplugging one connection at a time from the back of the PC.
If you have any advice on what I might be doing wrong i'd really appreciate the help
-
Looks like you used the dns servers as monitor IPs? Then you don't need to add a static route for the dns server at OPT1. The system generates static routes to monitor IPs through the correct interface behind the scenes to make sure the monitor ping leave through the correct interface. Delete the static route and try again. I guess you have DNS problems atm. Try to ping a public IP instead a domain name. If this works your Problem is DNS related.
-
Ok I deleted the static route, and I set WAN1 to have www.google.com as its monitor and WAN2 to have www.yahoo.com as its monitor. My problem now is when I plug out my WAN1 connection in status>load balancer it shows that both connections have gone offline? What would be causing this? When I plug the connection back in again both connections go online again.
Surely it they are both pointing at different external monitors, one line shouldn't be affected by the other?
-
Only successful monitopr pings determine if a link is up or down. This is pretty strange. Maybe try a reboot. You seem to have changed quite a bit back and forth. Btw, I recommend using other monitors than google or yahoo. You usually should use your gateways or something few hops away from you.
-
Just as a note. I've done a few factory resets so far so there are little or no settings changed.
The problem i'm having is very weird though and I can't think of a possible solution.
I have 2 connections ok:
The first has IP: 192.168.1.222 GW: 192.168.1.254
The second has IP: 190.165.0.10 GW: 190.165.0.254When I plug either connection into the "WAN" connection in pfSense and set the IP and GW I can get access to the Internet, but if I set up either connection on the Opt1 connection I can't. Is there some setting I need to enable to get access using only the Opt1 connection? I notice in the "status>interfaces" screen that there are no DNS servers listed for the Opt1 connection, is there any way of setting DNS servers for the Opt1 connection.
Also is there anything else I need to configure for failover to work correctly? Or will it work just by setting up failover rules in the loadbalancing section?
-
…
http://doc.pfsense.org/index.php/Multi-Wan/Load-Balancing has quite some extensive information about multiwan setups.
It really should work just like this. We are not hiding any options just to cause users headaches ;)
-
Post your current settings. I just got my dual want to work (DNS is a problem when I switch stuff on, but it starts up soon).
What is you load balancer setting? What are the LAN firewall rules?
Can the firewall ping the 2 gateways?
Did you make any other changes?