New HOWTO: pfSense Squid Web Proxy with multi-WAN links (it works!)
-
I agree with mbedyn, failover works but not loadbalancing.
-
Saw the same thing here. Fail-over yes, load balancing no.
-
same here no loadbalance only failover. Also the redirect error page in squidguard doesn't point to the redirect page.
2.0-RC3 (i386)
built on Wed Jun 22 12:38:11 EDT 2011installed packages: squid, squidguard, bandwidth and vnstati
squid in transparent mode, 2 ISP (dynamic and static WANS)
floating rule set as this:
@zzajdica:
-
I tried to follow the HOWTO but it seems I encountered problems:
2.0-RC3 (i386)
built on Fri Jul 1 00:16:18 EDT 2011
-
Good Job
-
Hello.
For three days I'm trying to do this.
I tried and tried, but I can not get it to work.
I can not open web pages it opens and then stops and does not go more 'forward.
I attach a screenshot
As you can see I can not even do program updates.
If anyone can help me, I would do a big favor.
Thanks to all.
-
Screenshot
-
screenshot
-
screenshot
-
what does not work ?
are you able to do basic loadbalancing without squid ?
if no -> read the sticky about loadbalancing / failover in 2.0 forumif yes -> is your floating rule being hit when trying to access a page ? –> if yes then you could be having a dns issue, duplicate the floating rule you have for http but change to tcp/udp and destination to DNS (53)
-
Hello.
Thank you for reply.
I reinstalled from the beginning.
The load balancing has worked very well until the installation of the Squid.
After the Squid and the fact the rules as you said to no longer works.
Attached is a screenshot of the rules are created by me for other services.
Can interfere at times.
Another thing, what are the correct values to put as the threshold latency and packet loss.
After the rule of floating, I found this rule, that fact alone, can 'interfere. Screenshots.
Another problem by loading a download of 6 7 megs no longer opens the page. I have to stop the download.
Thanks again.
-
If you notice the OPT1 and 'upload. the other three WAN server always does not happen.
-
Will these work for 3 ISP or 3 WAN links?
-
have you tried not to append the custom options which is the loopback maybe that will work.
-
@heper, I had setup squid load balancing following your instruction and it works (kind of). I fell unstable / slow performance while serving the web. Like I open a website the website may load halfway then it kept loading but nothing display. I need to refresh it then only it load the entire page. Or sometime it may never load the page at all but it never say "page cannot be display" etc, it just kept loading.
Also it cause my Online Games not able to connect to it server. The NAT outbound setting would it cause any trouble to go for manual? May it be the reason why my Online Games can't locate the server?
-
Hi, i tried this and works but with low performance.
now i updated pfsense and i got this when accessing via transparet proxy
ERROR The requested URL could not be retrieved While trying to process the request: GET / HTTP/1.1 Host: www.nasa.gov User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:6.0) Gecko/20100101 Firefox/6.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: es-es,es;q=0.8,en-us;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Cookie: __utma=259910805.353818488.1314617254.1314617254.1314617254.1; __utmb=259910805; __utmc=259910805; __utmz=259910805.1314617254.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); sessionpref=0; bn_u=6923701915773992990; fsr.s=%7B%22v%22%3A1%2C%22rid%22%3A%221314617258598_503062%22%2C%22pv%22%3A2%2C%22to%22%3A3.3%2C%22c%22%3A%22http%3A%2F%2Fwww.nasa.gov%2F%22%2C%22lc%22%3A%7B%22d3%22%3A%7B%22v%22%3A2%2C%22s%22%3Afalse%7D%7D%2C%22cd%22%3A3%2C%22sd%22%3A3%2C%22f%22%3A1314617266696%7D DNT: 1 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache The following error was encountered: Invalid Request Some aspect of the HTTP Request is invalid. Possible problems: Missing or unknown request method Missing URL Missing HTTP Identifier (HTTP/1.0) Request is too large Content-Length missing for POST or PUT requests Illegal character in hostname; underscores are not allowed Your cache administrator is admin@localhost. Generated Mon, 29 Aug 2011 11:27:52 GMT by localhost (squid)If I specify the proxy in the client it works well.
-
hello masters,
i setup failover and loadbalancing, i believe its working but not when i install squid proxy. failover is no longer working once i unplugged either of the wan connection. i cannot browse the web although i can ping 8.8.8.8, when i uncheck "allow users on this interface" i can browse the net. is there a workaround on setting up load balancing, failover and squid? i need your advise masters, thanks in advance!
-
Hi.
Any news about this issue ?
My pfsense 2.0 RELEASE + Squid + Failover + squidguard + Transparent Proxy still not work.
Thanks in advance.
Luca
-
After manually adding my subnet in the "Allowed subnets" box, my dual wan, squid and
squidguardsetup is now functioning using pfSense Version 2.0-Release (i386)UPDATE: squidguard doesn't work but squid is OK
-
Hi, first of all I apologize for my bad english…
PfSense 2.0 Release + Squid (transparent proxy) + Squidguard + Load Balancer doesn't work, only works failover, but not balancing. Without Squid, load balancer works fine.
If I do the NAT and the floating rule, without any change more, it seems to navigate and sometimes I can see the load balancer working, but a lot of times when browse it seems to stay "connected to..." and the web doesn't load fully.
I've tested with the previous configurations in "how to" (NAT, floating rule, LAN-loopback in proxy server with tcp_outgoing_address...) and the results are the same...doesn't work fine.