Multiwan browsing and gaming
-
ive setup my pfsense 2.0rc3 multiwan(2 dsl line) as loadbalance(both tier1) and i would like to separate gaming and browsing to prevent lag on games if someone downloads or use multiple video streaming
gaming=dsl1
browsing=dsl2in my rules port 80 and 443(port for browsing) which I assigned to dsl1 and all other are assigned to dsl2. ..my problem is when i tried to check my wan ip using whats my ip.com if browsing really goes to dsl1 only and after a series of page refresh the wan ip changes from dsl1 and dsl2 that means my rules is not correct?
-
IMHO, loadbalance is not the solution to your problem. A more appropriate one is the fail-over.
Create a group like failover1 where wan1 is in tier1 and wan2 is in tier2.
Then create antoher group where wan1 is in tier 2 and wan2 is in tier1.then in your lan rules,
TCP LAN net * * browsingports failover2 prioritize http on dsl2, only goes to dsl1 if dsl2 is triggered by high latency, packet loss or member down.
* LAN net * * * failover1 prioritize gaming on dsl1, only goes to dsl2 if dsl1 is triggeredby high latency, packet loss or member down.browsingports is an alias with port 80 and 443.
I found out that it is not possible with the above suggested setup because I can't use the alias of ports in the LAN rule. We are almost the same requirement, although yours is to separate the browsing and gaming, mine on the other hand is browsing and non-browsing during office hours. So what I did is:
Schedule
TCP LAN net * * 80 (HTTP) WAN1 none WorkingHours
TCP LAN net * * 443 (HTTPS) WAN1 none WorkingHours
* LAN net * * * WAN2 none WorkingHours
* LAN net * * * LoadBalance none Default allow LAN to any rule with Load Balance -
I did what you are doing, kind of. But you should make it failover, not load balancing.
I just created lan rules for which games and browsing.
By that I mean all data goes through the first one.
Except you add a lan rule in the lan part of the firewall so like on port 27015 you add a new rule, and then on the gateway part way down you set it to your second modem.
I do this, it works nice.Here's a picture
this is the lan tab on firewall
-
heres my rules is it correct?
Uploaded with ImageShack.us
-
I did what you are doing, kind of. But you should make it failover, not load balancing.
I just created lan rules for which games and browsing.
By that I mean all data goes through the first one.
Except you add a lan rule in the lan part of the firewall so like on port 27015 you add a new rule, and then on the gateway part way down you set it to your second modem.
I do this, it works nice.Here's a picture
this is the lan tab on firewall
when i set it to fail over tier1(dsl1) and tier2(dsl2) games are lagy
-
IMHO, loadbalance is not the solution to your problem. A more appropriate one is the fail-over.
Create a group like failover1 where wan1 is in tier1 and wan2 is in tier2.
Then create antoher group where wan1 is in tier 2 and wan2 is in tier1.then in your lan rules,
TCP LAN net * * browsingports failover2 prioritize http on dsl2, only goes to dsl1 if dsl2 is triggered by high latency, packet loss or member down.
* LAN net * * * failover1 prioritize gaming on dsl1, only goes to dsl2 if dsl1 is triggeredby high latency, packet loss or member down.browsingports is an alias with port 80 and 443.
I found out that it is not possible with the above suggested setup because I can't use the alias of ports in the LAN rule. We are almost the same requirement, although yours is to separate the browsing and gaming, mine on the other hand is browsing and non-browsing during office hours. So what I did is:
Schedule
TCP LAN net * * 80 (HTTP) WAN1 none WorkingHours
TCP LAN net * * 443 (HTTPS) WAN1 none WorkingHours
* LAN net * * * WAN2 none WorkingHours
* LAN net * * * LoadBalance none Default allow LAN to any rule with Load Balanceare u using 1.2.3?
-
heres my rules is it correct?
Uploaded with ImageShack.us
Your rules seems to be ok, but you could use port alias for browsing, then you can assign ports 80 and 443, no need to open anything between 80-443
-
heres my rules is it correct?
Uploaded with ImageShack.us
Your rules seems to be ok, but you could use port alias for browsing, then you can assign ports 80 and 443, no need to open anything between 80-443
this is where the port 80-443 came from i selected http and https…
Uploaded with ImageShack.us
-
You have selected every port between 80 and 443 not just 80 and 443 that's probably where your problems come from.
If you aren't using laodbalancing at all, you don't seem to be, there is no point have a load balancing gateway setup at all. This would just put more overhead on pfSense.
You are just using policy based routing.
Steve
-
I'm using 2.0RC3. Actually i would like to correct my last post. You can use the port aliasing.
Create an alias for web browsing ports. (80 and 443).
Then as what metu69salemi said, use the port alias for 80 and 443 only. you can only use the port alias if you select "OTHERS" instead of http or https.heres my rules is it correct?
Uploaded with ImageShack.us
Your rules seems to be ok, but you could use port alias for browsing, then you can assign ports 80 and 443, no need to open anything between 80-443
-
change my pfsense to failover( tier1 and tier2) and fix my port range hope that will fix my failover problem…thanks
