Skype sticky connection
-
Hi everyone I just want to ask how do I configure my load balancing in pfsense concerning skype's VOIP connectivity. I put port 443 in a sticky wan side but most of the time I got choppy connection while having call in skype. What should I do?
I hope anyone understands my problem, sorry for my english.
Thanks
-
How sad no one knows in this pfsense forum
-
The trouble with skype is it deliberately uses random ports in order to have multiple clients behind the same NAT. It's difficult to route using policies for this reason. I believe however you can set some ports manually from within Skype? I haven't used it much.
Steve
-
You could try some layer7 filtering which seems to be able to detect skype. :-\
Steve
-
Thanks steph but that layer 7 filtering is far far beyond my knowledge,,I'm only a newbie.. Anyway I will try your first comment . Hopefully I learn the layer 7 filtering it sounds very interesting sniffing in one of the osi model layer
-
You could try "Sticky connections" under SYSTEM -> ADVANCED -> MISCELLANEOUS
-
Hi Nachtfalke I saw that sticky connection. Do you think it can't affect my load balancing setup?,sorry I'm just newbie in network world. I really appreciate your help
-
Using sticky connections should affect your load balancing positively. It should stop problems with https that some sites have when connections come from more than one source.
However some people on the forum have reported it doesn't work correctly. It's worth trying though, you can easily change it back.How big is your network? How many skype users do you have?
Steve
-
@sympatikong:
Hi Nachtfalke I saw that sticky connection. Do you think it can't affect my load balancing setup?,sorry I'm just newbie in network world. I really appreciate your help
It should help with you problem. Try it and if it doesn't work, just uncheck it again.
Instead of using sticky connections, you could create a firewall rule for special protocols like https or for a single client (source) to only use one WAN and not the LoadBalancing Group.
But this rule has to be ahead of the LoadBalancing rule. -
What might be more effective, given the random ports that Skype uses, would be to setup a loadbalacing rule that catches traffic using known ports (http, pop3, smtp) and have everything else use a single wan. You could set this up for just one IP so everyone else gets everything load balanced.
Steve
-
I already point https to stick with 1 wan and avoid load balancing. Did I have to set port of 80 the same wan side with 443?,because some other sites use both 80 and 443,if I'm not mistaken.
-
Are you having trouble with websites?
Generally speaking http traffic on port 80 should be ok on load balancing.
What is the majority of your traffic?Steve
-
A friend of mine told me about some conflict with port 443 separating with 80. That's why I really confused. Majority of my traffic is port 80 especially streaming
-
I added a screenshot with all ports which I do NOT use for LoadBalancing.
All other ports use LoadBalancing.I created an Alias for these ports and created a different Routing Group with different Tier for my WAN connections. So if one WAN goes down, it uses automatic failover for the "No LoadBalancing" Ports.
Because of this firewall rule I do NOT use sticky connections and it works fine for me till now.
-
Thanks natch for that. It will be a great help for me. Another concern is about bandwidth usage here, i want to create a necessary amount of bandwidth in online streaming. Do you think traffic shaper can handle it? Does the load balancing set up and manual port config be affected? Thanks so much
-
I think, Traffic Shaper could do that but I think it is misplaced in this thread.
Try to search the forum for TrafficShaper and if you have questions after that, just ask in the forum.I am not able to help you with Traffic Shaper because I do not use it :)
-
Thanks a lot nach =)
