Putting some informations and requirements about LoadBalancing cristal clear.
-
Hi again, im really trying for the last 3 weeks to setup my load balancer in Pfsense. First was the Vmware problem, after reading some books and searching the forums that´s solved, Pfsense LAN interface act bridge as Vmware Adapter on Windows, passing and receiving data normally, ok !
Then i move to setup the load balancer itself, here a quick setup :
3 Cable modems, everyone with diferents IP, Gateway.
Here´s my first question, IT IS MANDATORY TO HAVE STATIC IP´s and GATEWAYS ? ?
Ignoring this step above, i setup the pfsense, the loadbalancer, the rules, the gateways, in the ARP tables all the routes are OK (OPT1 -> go to the right gateway and etc) but the Pfsense uses only the WAN, not the others.
I setup Static Routes, Sticky connections but nothing helped, checking the Pool everything is green, i CAN ping google.com from all the interfaces on the ping option, but still, no load balancing :-[
Can anyone give me some light ?
-
No you dont need static IPs.
But afaik the gateway should stay the same.Did you follow a tutorial?
What rules did you create? -
No you dont need static IPs.
But afaik the gateway should stay the same.Did you follow a tutorial?
What rules did you create?Yes, i exactly followed every tutorial i found. Later i'll started to try my own settings !
Here are some of me settings !
I'm sorry if any of my setting appear to be obviously wrong or worse, but after mess with so many options and tutorials i think i'm letting something simple but crucial to the system pass without notice.
Thanks for the help ;D
-
The rules work on a top_to_down and first_match basis.
Your LAN rules are wrong.
Your rule that would balance is below the default "allow all" rule.–> The default "allow all" rule always catches and no traffic is fed to the balancer.
Also on the WAN you have below the specific "allow" rule a generic "allow all" rule.
What for?The same on OPT1 and OPT2.
Why did you create "allow all" rules?
Are you expecting inbound traffic?
Or did you create these rules to "allow traffic out"?
The rules dont work this way.
They are always applied on traffic inbound to the pfSense.
Never outbound. -
Thanks for the patient GruensFroeschli !
Yes the LAN rules was a little messy, but it's fixed now.
After fixing the settings following your lead i manage to almost use the balancer, when i try to download a huge file it start using full bandwith (2mb/s) but then drop and only use OPT2 bandwith (400k/s)
Is there any test i can do to find out what's happening ?! Or force the balance to use full strenght ?!
Another simptom is i can see OPT1 and OPT2 ip's from www.whatismyip.com but not wan ! I can ping www.google.com from WAN's Ping test, but cannot see it on the ip test :P
And yes, i'm expecting inbound traffic to the Utorrent (using port 56789), the firewall is full of blocks coming from wan, OPT1 and OPT2, even i openning such ports on the firewall.
I'm asking much i know, but i lurked every single tutorial out there :'(
Thanks for the help !
-
What you describe, that a download only uses the speed of a single WAN, is correct.
The loadbalancer works connection-based and doesnt sum up all the bandwidth you have.
You could use all the different WANs if you use a downloadmanager like getright, where you open multiple connections for the same file.If you expect inbound traffic: only a firewall rule is not enough.
You also need NAT-rules under: firewall–>NAT.I wouldnt open up everything.
Only the ports needed to the IPs needed. -
Yes, i'm using utorrent and downthemall! and still only one connection (OPT1) is being used :-[
And yes, i'm expecting inbound and outbound(upload i mean) traffic, and still only one connection being used :-[
Another thing, i messed again with the firewall rules and can't access the Browser interface anymore, is there a way to reset only the firewall settings without reseting the whole Pfsense ?!
Thanks again Gruens !! ;D