Netgate Discussion Forum

    Loadbalance/failover

      Quandion

      Hi,

      I'm trying to make loadbalancing between some webservers, and a failover to another if the first group isn't available.

      How to do this?  ???

      I have found the following:
      services –> loadbalancer
      create a pool of type "server" and add all your servers below.
      create a virtual server and use your pool.

      Kind regards
      Quandion

        jigpe

        Webserver loadbalancing? I think that is not possible.

        jigp
        Davao City

          GruensFroeschli

          @jigpe:

          Webserver loadbalancing? I think that is not possible.

          jigp
          Davao City

          This is wrong.
          Webserver loadbalancing is possible!

          The place you found is right.

          1: create a pool containing all your servers (of type failover if you want it to failover).
          2: create a virtual server (on the second tab). Use the pool you created before as the "virtual server pool".
          3: create a firewall rule allowing access to the pfSense, on the port you specified before.

          We do what we must, because we can.

          Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

            Quandion

            Thanks,

            I'll try this asap.

            Regards Quandion

              Quandion

              Hello,

              How should the firewall rule be set up? I can't seem to get it to work.

              The failover pool only shows up in Gateway, but my logic says it should be in destination.

              Proto | Source | Port | Destination | Port | Gateway | Schedule | Description
              TCP   | *      | 80   | ????        | 80   | Default |          | Failover Rule

              Is the above correctly understood, and what should the destination be?

              Regards Quandion

                GruensFroeschli

                With destination you define "what" is allowed. (Destination "any" allows all connections to everywhere. You want "any" here if you want to use the internet.)

                With gateway you define "how" it will be transmitted. If you set the gateway to default, packets will be transmitted according to the routing table on the pfSense.
                If you set the gateway to a pool, the pool settings decide where the packet will be sent.

                We do what we must, because we can.

                Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html
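
A simplified model of the destination/gateway distinction described in the post above, added here as an example; it is not pfSense code and not from anyone in the thread. The names `Pool`, `Rule` and `evaluate`, the sample addresses, and the "first member that is up" failover behaviour are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class Pool:
    """Gateway pool in failover mode (assumed: first member that is up wins)."""
    members: list                          # next hops in priority order
    up: set = field(default_factory=set)   # members currently passing monitoring

    def pick(self):
        return next((m for m in self.members if m in self.up), None)

@dataclass
class Rule:
    proto: str
    destination: str             # "any" or a CIDR network: WHAT is allowed
    port: int
    gateway: object = "default"  # "default" or a Pool: HOW it is forwarded

def route_lookup(table, dst):
    """Longest-prefix match over a {cidr: next_hop} routing table."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(net), hop) for net, hop in table.items()
            if addr in ipaddress.ip_network(net)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def evaluate(rules, table, proto, dst, port):
    """First matching rule wins; a packet that matches no rule is blocked."""
    for r in rules:
        dst_ok = (r.destination == "any"
                  or ipaddress.ip_address(dst) in ipaddress.ip_network(r.destination))
        if r.proto == proto and r.port == port and dst_ok:
            if r.gateway == "default":
                return ("pass", route_lookup(table, dst))   # routing table decides
            return ("pass", r.gateway.pick())               # pool settings decide
    return ("block", None)

# Constructed sample data (documentation address ranges, not from the thread).
ROUTES = {"0.0.0.0/0": "198.51.100.1", "192.0.2.0/24": "192.0.2.1"}
WAN_POOL = Pool(["198.51.100.1", "198.51.100.129"], {"198.51.100.1", "198.51.100.129"})
RULES = [Rule("tcp", "203.0.113.0/24", 80, gateway=WAN_POOL),
         Rule("tcp", "any", 443)]

if __name__ == "__main__":
    print(evaluate(RULES, ROUTES, "tcp", "203.0.113.10", 80))
    WAN_POOL.up.discard("198.51.100.1")          # primary gateway goes down
    print(evaluate(RULES, ROUTES, "tcp", "203.0.113.10", 80))
    print(evaluate(RULES, ROUTES, "tcp", "192.0.2.50", 443))
```

The destination field only decides whether a rule matches; the gateway field only decides the next hop, so a pool placed in the gateway column changes the path of allowed traffic and never widens or narrows what is allowed.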

                  Quandion

                  Hello,

                  Still can't get it to work…
                  I have now started all over with a clean pfSense since the old one didn't seem to work and started to annoy me.

                  Here is what I am trying to do:
                  http://bayimg.com/FAaAFAACm

                  LB pool
                  http://bayimg.com/EaaAoAaCm

                  LB virtual server
                  http://bayimg.com/JAaLdaacm

                  FW rule
                  http://bayimg.com/fAaAhaaCM
                  http://bayimg.com/FaAaIaaCm

                  Is this correct?

                  The 2 webservers are reachable from the inside clients with their internal address but not with the public, neither are they reachable from the outside at all.

                  Regards Quandion

                    GruensFroeschli

                    Probably a ctrl-c, ctrl-v error, but can you post the correct link to the screenshot of the LB virtual server? :)

                    How did you test?
                    Are you aware that you cannot balance like this if you access from the inside? (It will only work for external users.)

                    We do what we must, because we can.

                    Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

                      Quandion

                      Sorry 'bout that..

                      Here's the correct link http://bayimg.com/JAaLdaacm.

                      As for the testing,
                      I have tried to access the outside IP of the pfSense, the 192.168.170.197 address on port 80, and it just times out.

                      No, I didn't know it can't be used from the inside, but that is okay; when it is out of testing no one will ever be there, and those few times it happens they are aware of it.

                      Regards Quandion

                        jigpe

                        OK thanks, I'll try this. Thanks for the heads up.

                        jigp
                        Davao City
                        1.2.2
