Videos and audio not working.. Help plz!!
-
I tried changing that to Any also but not helping …. and I have collected other ips too, but everytime i serch for dns there is a new ip
I just found out that they use P2P servers ... in that condition what should i do? -
Hi Steve … today I tried diverting all the youtube traffic to one WAN ... I followed the same procedure as above for vk but trafic graphs are not showing any changes when all the traffic of youtube is on one WAN (that WAN was on tier 2)
May be I am making any mistake creating the rules!!!and one more thing the WAN on tier 1 is constantly having packet loss of 20-40% ... can I create a threshold value that the traffic switches to other WAN ...
-
The tier value you assign to each WAN only affects gateway groups. If you have added a rule to send all youtube traffic via a single gateway it will make no difference. You can either leave the gateway setting as default (in which case it will use the system gateway, probably the first WAN) or set it to a particular gateway from which ever WAN you want.
Youtube is likely to be difficult since they have a massive number of IPs across a worldwide set of server farms!You can set the packetloss thresholds in: System: Gateways: Edit gateway: Advanced.
You can also set the weight there so that you can divert more traffic to another WAN if it's struggling.You could try approaching this from another direction.
I've never tried this but you could use firewall rules to divide your users traffic between the WANs. E.g. 192.168.1.10-30 route to gateway 1, 31-50 to gateway 2 etc. This may not be practical for you.Steve
-
You could try approaching this from another direction.
I've never tried this but you could use firewall rules to divide your users traffic between the WANs. E.g. 192.168.1.10-30 route to gateway 1, 31-50 to gateway 2 etc. This may not be practical for you.Steve
thanks for the feedback …. I know I am asking too much ... but I am stuck in situation that I don't know how to handle ... apparently I have only one LAN and I need captive portal to work .. can I do this without shaking up my present setup ... ... if yes just provide me the outlines to do that!
-
I've never used the captive portal feature so I may not be of much help. :(
However, as it says in the docs wiki, it's much the same as that for m0n0wall which is well documented here:
http://doc.m0n0.ch/handbook/captiveportal.htmlI can't see any reason why you couldn't do it with your setup.
Steve
-
Sorry … But I can't find any direct setting in firewall rules where I can assign these gateways to set of lan ips!!
-
I've never tried this either I was just speculating but..
Set the source in the firewall rule to network then divide up your LAN by defining, say, a /27 (30 addresses).
E.g. 192.168.1.1/27 (192.168.1.1-30). The only problem with that is that in that case 192.168.1.31 is seen as the broadcast address so is not included. :-
A better way might be to define some aliases for your LAN client groups.
Yes, just tried it and that works much better.
Add an alias with type network(s) and divide up your LAN address space, 192.168.1.1-192.168.1.32, for example. Add aliases so you have divided up your LAN into 5 groups.
Add firewall rules with source, alias LAN1-32, gateway WAN1.Like I said I've not tried this but it should work. It has a number of drawbacks though. If one WAN goes down that group of LAN IPs will not have access. It will not share the load evenly, if your heaviest users are all in group 1 they will have a problem. :-\
Steve
-
You could make 5 gateway groups, each with a different WAN as tier1 and the others rolling down in priority:
WAN1-Priority-Group - WAN1 = Tier1, WAN2 = Tier2, WAN3 = Tier3 …
WAN2-Priority-Group - WAN2 = Tier1, WAN3 = Tier2, WAN4 = Tier3 ...
WAN3-Priority-Group - WAN3 = Tier1, WAN4 = Tier2, WAN5 = Tier3 ...
WAN4-Priority-Group - WAN4 = Tier1, WAN5 = Tier2, WAN1 = Tier3 ...
WAN5-Priority-Group - WAN5 = Tier1, WAN1 = Tier2, WAN2 = Tier3 ...Then have your aliases for each group of users, e.g.
Group1 192.168.1.0/27 (0-31)
Group2 192.168.1.32/27 (32-63)
Group3 192.168.1.64/27 (64-95)
Group4 192.168.1.96/27 (96-127)
Group5 192.168.1.128/27 (128-159)
(splitup the range of IPs that your users actually get into 5 reasonably subnet-able ranges)Then have 5 rules, each rule feeds one of the alias 'Groupn' into the matching WANn-Priority-Group.
Then, if a WAN is down, that group should failover into the next WAN. But any single user on a single local IP will have all their traffic directed to a single WAN link at any one time.
This is a manual load-balancing and failover scheme, but at least it ensures that 1 client IP will go out over 1 WAN and appear to have 1 NAT'd IP address to all the internet servers it accesses. -
Yes of course, that solves the fail over problem. :)
However you can't just use /27 as it doesn't include the first or broadcast address, 0 and 31 in the first subnet 32 and 63 in the second etc.
The alias entry page can generate the required networks by entering a range, 192.168.1.1-190.168.1.32 as I said above. It results in this:192.168.1.1/32, 192.168.1.2/31, 192.168.1.4/30, 192.168.1.8/29, 192.168.1.16/28, 192.168.1.32/32
Which looks nasty but is correct!
Steve
-
thanks very much guys … for the help
I am using subnet 192.168.0.1 ...
then this should be my setup?Group1 192.168.0.0/27 (0-31)
Group2 192.168.0.32/27 (32-63)
Group3 192.168.0.64/27 (64-95)
Group4 192.168.0.96/27 (96-127)
Group5 192.168.0.128/27 (128-159)can start addresses from .. 192.168.0.50/27 (50-81)
and in aliases i say the option of hosts/network /url etc ....
so can I defines particular ips in aliases list .., may be I can list all the ips in aliases list without following the above approach -
Don't use the /27 notation for the reason I outlined above.
Use alias type network(s) and enter '192.168.0.1-192.168.0.32' etc.
Steve
-
Hi Steve … I followed your instructions ... I have made all the aliases groups and load balancing groups ... have put all the users on static ips
I saw I can't move the groups up or down ... so I guess I need to delete the old Load balancing group ... ??
and I was wondering then what should I put gateway in LAN .. default or can I recreate a group like old one and put LAN on to that ... I guess in this ways it will handle the left over IPs to ... presently my IP list is 120+ -
You need to have the new rules corresponding to the groups at the top of the list since the firewall matches rules on a top down basis.
It would be a good idea to have a default rule below these to catch anything that isn't matched. You can use the default gateway for this or a loadbalancing gateway.
Does it look like this is working?
Steve
-
Its working ))) Thanks Steve … I am really thank full to you and this forum ... I never expected this type of response ...
I have implemented the setup partially ... just for now 2 WAN .. actually I couldn't sort out the IP ... I need a little a time for that may by the end of the today I will manage implement the setup ...
and other three WANs are working on the old Load Balancing group ...
One more thing ... I asked you about the configuration of my pfsense earlier that can it handle the through put of 250 Mbps (in other topic) ... you said yes
But whenever I go to speedtest ... it never crosses 135 Mbps (usually around 120 Mbps) ... is it normal for speedtest .... ( I am using cat 5e wire for gigabit link to GBswitch) -
I have read that speedtest.net does not give an accurate result above 100Mbps but I am unable to test that with my two WANs (20Mb and 40Mb). I can say that it uses both my connections and gives a value usually around 56Mb.
You can test the connection by manually starting some large downloads on each WAN. It's a PITA though! :P
Steve
-
Hi … I arranged whole setup ... All working good ... Finally everything is settled ... For the time being I am not too worried about the speedtest ... Well I really appreciate your help Steve and this forum ...!!!