Re: Fail Over Did Not Working - Pls Help MEEEE [SOLVED]
-
Hi Everybody !!!
I'm New to the PfSense. So I'm sorry for my novice questions. I'm using Pfsense 2.0-RC3 (i386). I have 2 ADSL connections and one Lan connection.
LAN Interface -> 192.168.0.110
WAN Int-> 192.168.1.10
WAN GW -> 192.168.1.1OPT1 Int -> 192.168.2.10
OPT1 GW -> 192.168.2.1I did not used any NAT rules. And also I did not used any pool at Services -> Load Balance. My problem is WHEN the WAN connection is down, I'm not getting internet traffic from OPT1 connection. When I removed WAN connection no internet traffic is coming. My fail-over is not working. I cannot get internet from OPT1 connection. But OPT1 interface is working perfectly, when I'm ping via OPT1 to outside DNS addresses its ping perfectly.
Herewith with I have attached my total Scenario. PLEASE HELP ME…..... Smiley
 -
Load Balancer Pool is not neccessary.
For LoadBalancing and Failover you only need one group with both the same tier. You do not need three as it was in pfsense 1.2.3.
Both gateways on WAN side must not have the same gateway for loadbalancing to work.
-
Thanks Nachtfalke for you reply.
Can you explain me is there any wrong with my WAN side gateways?
How can I make single group with balancing and fail over rules? and Please explain me step by step.
Don't we need any NAT rules?
I'm using Squid proxy to asses the internet from client.
Sorry for disturbing.
Thanks
-
Hi,
that loadbalancing is not working is (now) clear for me. You are using squid on the same machine. To make LoadBalancing work you need to add additional rules unter "NAT - Outbound" and "Floating rules" as far as I know. For more information please take a look at this thread for example:
http://forum.pfsense.org/index.php/topic,33895.0.html
There are other threads in the forum which explain how to configure this. I am not using squid and loadbalancing on the same machine, so I cannot help you with that.
LoadBalancing and Failover in general:
In pfsense 1.2.3 you needed several Groups for LoadBalancing and failover. The wiki isn't up to date for LoadBalancing in pfsense 2.0.
In pfsense 2.0 you create the gateways for you WAN connection (you did this correct) and then you create one gateway Group in which you put both Gateways (you did this, too). If both gateways in the group have the same Tier for example "Tier 1" then they will do LoadBalancing AND if one Gateway goes down then it will do a failover automatically.
At least you have to put this gateway group as the gateway in your firewall rules. Thats all.Perhaps you could first try LoadBalancing without squid installed and be sure that it is working, than reinstall squid an try with the additional configuration you found in the other thread.
PS: Better delete the entries you did in "advanced" for every gateway like "packet loss" and "down time" etc. In general there is no need to change something.
-
Hi,
As per your instructions I have removed all squid configurations from my PFsense. I did fresh instillation without squid. I have configured the same previous configurations. Gateways and IP are same as previos post. I have included new floating Firewall rules and NAT rules. Then I setup my PC default gateway as my PFsense server IP (192.168.0.110) and I set up my internet browser internet options as "No Proxy" settings, but still I can't get internet to my PC.
Please check my NAT and floating rules are they correct or not? if these are wrong please give me the correct rules.
We do have 4 mbps ADSL and 1 mbps ADSL. If load balance succeeded can we get 5mbps through put ? or do we have to do link aggregation (Lagg) Can we do it from this pfsense itself? and how it can be done?
Thanks for you kind help
 -
Hi,
remove your floating rule. You do not need it (at the moment).
I am using automatic outbound NAT rule generation (you could use this, too, in you scenario) but I think your manual configured two rules are correct, too. Not 100% sure.You said you can get no internet to you PC. No internet at all or only no LoadBalancing !?
Did you setup DNS properly in General Setup ?LoadBalancing 4Mbit/s and 1Mbit/s.
If you will start ONE download you can get maximum download speed of 4Mbit/s or 1Mbit/s. It depends on what line the pfsense round robin mechanism is using.
If you start 2 downloads one will download with 4Mbit/s and the other with 1Mbit/s.
You will NEVER geht 5Mbit/s with only one download. (In some cases this will work for example if you are using torrent and the torrent establishs more connections for this download).
-
HI Nachtfalke,
Thanks a lot for your support. Its working well. Now I'm thinking with a squid. Can we get more performance from squid than normal method ? ?
Best Regards
abcvidu :) :) :) :) :) :)
-
You Bandwidth will always be 4 + 1MBit/s (as I told you in my last post). SQUID will not increase your performance but it will help you to use bandwidth better/more efficent if many people/clients are browsing the same sites or are downloading the same files.
If you do not have any other solution for deploying windows updates there are some SQUID tricks to cache windows updates in SQUID and then boost up your download performance for windows updates.
For this check the docs "SQUID tuning" -
As Nachfalke said, it will never increase your speed. But it will help you minimize your bandwidth usage by caching. Meaning, if a file had already been accessed/downloaded before, your computer will not download it again from the internet source but from your squid cache(unless the cache has been deleted). It will look like a normal file transfer between your LAN. Take a look at my speedtest. Before I installed squid, my usual Download speed is 0.9Mb/s and 0.3Mb/s Up. After installing squid, my Down speed is 90Mb/s and Up with little change.
-
you will get 5mb/s with uTorrent or anything that uses a download accelerator to CDN's that are on multiple C class segments (common).
-
you will get 5mb/s with uTorrent or anything that uses a download accelerator to CDN's that are on multiple C class segments (common).
You will only get 5MBit/s if you are downloading a file which allows MULTIPLE connections. utorrent or torrent in general allows this. But this will not work with every download!