Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to PROPERLY achieve MULTI-WAN in pfSense 2.0 ???

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    2 Posts 2 Posters 4.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sierradump
      last edited by

      Looking for some help on how to PROPERLY achieve a Multi-Wan environment?  I've had a look at "outbound load balancing" sticky; but am still a little confused on how to successfully accomplish what I am looking for.

      We currently use ClarckConnect for the SOLE purpose of Multi-Wan in combination with a Sonicwall Firewall/VPN Appliance…  Recently a colleague of mine recommended I have a look at pfSense 2.0 with its many new developments.  I previously played around with pfSense 1.2.2 and while I successfully had FAILOVER working, I never could get reliable multi-wan capabilities; especially the "sticky" connections as I believe they are called? (user would log into an https site, and upon clicking on a link - would be prompted to log in again as the gateway would switch back/forth)...

      SCENARIO:  We have 3 Internet connections consisting of, T1, Cable, and DSL.  Our server has 8 INTEL PRO Gbit NICs.  In an effort to maintain speedy internet connections for all of our users, we would like to aggregate all 3 of the above connections - ensuring that all users have adequate bandwidth for their needs.

      Using Clarkconnect this is a rather easy process consisting of setting up the nic as "EXTERNAL" and then setting "weights" under the "MULTI-WAN" tab for each connection.  Our current setup looks like this: 
      CABLE:  50%
      DSL:      30%
      T1:        20%
      Should any of the connections FAIL;  The connections automatically failover and balance (according to weights) to the remaining 2 active connections.

      After looking at the "Outbound Load Balancing Guide" in the sticky section; I assume this is the proper way:

      1.)  Create A SINGLE(?) Routing Group
      2.)  Assign Tier1 status to ALL WAN interfaces of Single Routing Group

      But how does the LOAD BALANCING work???  Is it simply a round robin?  Is there a way to assign "weights" to each interface so that my CABLE interface gets used MORE than say the DSL & T1 interface?

      Would I be better to setup MULTIPLE routing groups?  i.e.

      ROUTING GROUP 1:  Cable WAN set as Tier1  (Packet loss/high latency)
      ROUTING GROUP 2:  DSL WAN set as Tier1    (Packet loss/high latency)
      ROUTING GROUP 3:  T1 WAN set as Tier 1      (Packet loss/high latency)

      ?  In the above setup, would users get balanced over to Routing group 2 & 3 if for instance, the cable WAN was at capacity???

      THANKS FOR ANY INSIGHT..........

      P.S.  I did read that 2.0 is NOT FOR USE IN PRODUCTION; and am fully aware of this...  Our internet access is not MISSION critical - I am simply looking to explore my options vs. our current setup.

      1 Reply Last reply Reply Quote 0
      • C
        craigdrown
        last edited by

        certainly on v1.2.2 it's simply a matter of adding multiple instances of the same interface to a load balancing group
        We have a 1.5Mbps line with 512Kbps backup, which is always on, so the 1.5Mbps line has three entries in the pool and 512 has one- works fine. Failover is in either direction.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.