PFsense 2.0RC2 Dual Wan Loadbalance
-
well, it depends what you want.
do you want loadbalancing or failover ?
loadbalancing includes failover.
failover does not include loadbalance.
It is possible you'd want both. for example you could want to loadbalance http traffic, but only want failover for https/ssh/…
but generally you would just need 1 rule to setup loadbalance or failover.
so i'd suggest you remove all the rules in your lan tab except the bottom one. So leave only the one having "loadbalanceWans" as gateway. Then check in system-->routing if the "loadbalanceWans" group has all the gateways in the same tier.
This should be enough for basic loadbalancing+failover.
-
@wifijunkie
first rule for accessing subnet on WAN1-
-
- WAN1 net * WAN1 none
first rule for accessing subnet on WAN2
- WAN1 net * WAN1 none
-
-
-
- WAN2 net * WAN2 none
third rule for LoadBalancing
- WAN2 net * WAN2 none
-
-
-
-
- * LoadBalancingGroupe none
-
-
You do not need seperate Failover rules. This wa sin pfsense 1.2.3
In pfsense 2.0 you use groups. If both lines in a groupe have the same Tier, then they do LoadBalancing. If one line goes down, it automatically switchs over to the other line. So you just need one rule for LoadBalancing/Failover.@heper
The firewall rules apply from TOP to DOWNAs far as I know - I do not use manual outbound NAT - this rules apply from BOTTOM to TOP
The firewall rule example I made at the beginning of my post has the correct order.
-
-
@wifijunkie
first rule for accessing subnet on WAN1-
-
- WAN1 net * WAN1 none
first rule for accessing subnet on WAN2
- WAN1 net * WAN1 none
-
-
-
- WAN2 net * WAN2 none
third rule for LoadBalancing
- WAN2 net * WAN2 none
-
-
-
-
- * LoadBalancingGroupe none
-
-
Sir,
Do i still need the first and second rule for loadbalance or the third rule is sufficient enough?
I'm sorry, I'm confused with your post as well as with heper's.So in my FLOATING tab, this rule is enough to loadbalance and failover if my gateways are on same tier?
-
-
-
- * LoadBalancingGroup none
-
-
-
-
I do not use floating rules.
I just use these 3 rules for loadbalancing with to DSL connections.
1.) first rule for accessing subnet on WAN1
* * * WAN1 net * WAN1 none2.) first rule for accessing subnet on WAN2
* * * WAN2 net * WAN2 none3.) third rule for LoadBalancing
* * * * * LoadBalancingGroupe noneThe first 1.) and the second 2.) rules are only that I can connect the particular WAN subnet.
DSL1–-WAN1-Router(IP 192.168.200.1)-----
pfsense(IP 192.168.50.1)----Client(IP192.168.50.20)
DSL2---WAN2-Router(IP 192.168.100.1)-----/If I onle use LoadBalance as Gateway in my firewall rules, and the client would like to connect to the WAN1-Router with the IP 192.168.200.1 then it is NOT sure to reche it, BECAUSE the LoadBalancer in pfsense does Round Robin. So it may be possible, that my connection goes out over WAN2-Router and then will not reach the IP 192.168.200.1
To make sure, that this works correct, I/you have to use the rules 1.) and rule 2.) above the LoadBalancing rule 3.) -
you don't need any rules in the floating tab.
if you put nachtfalke's rule #3 in you LAN tab then you should be good to go
-
-
I don't know if you really know, what LoadBalancing in pfsense means. LoadBalancing in pfsense uses Round Robin.
If you are downloading one file and you use LoadBalancing, than you could download this file with 18Mbit/s OR 6Mbit/s but you will NEVER get 24Mbit/s while downloading one file!
If you are downlaoding two files, than one can be downloaded with 18Mbit/s and the other file with 6Mbit/s. LoadBalancing increases you overall bandwith but it will not increase your download speed.
-
That's correct.
But you can still increase your download speed if you are downloading torrents. It takes advantage of the multiple connections and uses both lines to give you the full bandwidth simultaneously.
-
That's correct.
But you can still increase your download speed if you are downloading torrents. It takes advantage of the multiple connections and uses both lines to give you the full bandwidth simultaneously.
Nothing else I said before :-)
-
Thanks for the help. I think I got it now, but I cannot test it yet because my default ISP is down.
But in my firewall log, all traffics are going out to the my default ISP even it is down. Is this okey?
I just put the:1.) first rule for accessing subnet on WAN1 * * * WAN1 net * WAN1 none 2.) first rule for accessing subnet on WAN2 * * * WAN2 net * WAN2 none 3.) third rule for LoadBalancing * * * * * LoadBalancingGroupe non
Trigger: Packet loss