• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

The Load Balancer Address and SMTP E-Mail

General pfSense Questions
3
9
3.0k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • B
    boujid
    last edited by Jul 23, 2013, 11:21 AM Jul 23, 2013, 11:17 AM

    Hi

    we are load balancing two Exchange Hub 192.168.1.1 & 192.168.1.2
    the Load Balancer address is 192.168.10.100

    the problem is PfSense wont work with the load balancer address once configured in in the "System: Advanced: Notifications" section
    we got :

    php: /system_advanced_notifications.php: Could not send the message to xxx@yyy.zzz – Error: could not connect to the host "192.168.10.100": ??

    we dont want to enter the address of the first Hub or the second one cause it might be the Hub that goes off the pool

    any suggestion ?

    Thanks

    1 Reply Last reply Reply Quote 0
    • W
      wallabybob
      last edited by Jul 23, 2013, 12:50 PM

      How does a packet from pfSense get to 192.168.10.100? pfSense has a static route to the 192.168.10.x/y subnet? Or an interface in the 192.168.10.x/y subnet?

      1 Reply Last reply Reply Quote 0
      • B
        boujid
        last edited by Jul 23, 2013, 1:14 PM

        of course it have
        pfsense WAN address 192.168.10.200
        pfsense LAN address 192.168.1.200

        so the 192.168.10.100 is the virtual IP for the Load Balancer, then this address belong to pfsense WAN address

        the problem is why pfsense cannot use this address for SMTP E-Mail ??
        is there a way to success this configuration ?

        1 Reply Last reply Reply Quote 0
        • S
          stephenw10 Netgate Administrator
          last edited by Jul 24, 2013, 9:49 PM

          The pfSense box cannot use the load balance IP itself because it is basically an alternating port forward. It would have to route traffic out and back in again. The same reason you need NAT reflection for normal port forwards to work LAN side. I have never tested this but I wouldn't expect the load balance to work from the pfSense LAN subnet, does it?

          Steve

          1 Reply Last reply Reply Quote 0
          • B
            boujid
            last edited by Jul 26, 2013, 10:27 AM

            Thanks for your answer

            i understand, however i thought as the loadbalancer address belong to pfsense itself, this configuration could work.
            i think that if pfsense try to use the loadbalancer address by using his wan address it might be possible.
            then if it is true why the pfsense is trying to use his LAN address to access the SMTP E-mail and not his WAN interface address ?
            i am asking because in the routing table it's obvious that the SMTP E-mail = LoadBalancer address is on the same Net that his WAN address

            Thanks

            1 Reply Last reply Reply Quote 0
            • S
              stephenw10 Netgate Administrator
              last edited by Jul 26, 2013, 11:09 AM

              I don't know why it is trying to use the LAN interface.
              The Load Balance virtual IP is on the WAN interface hence I would expect to see the pfSense box attempting to access the mail server via the WAN NIC. This will fail because the actual mail servers are on the LAN side.
              This is not something I've spent much time playing with so I'm open to suggestions/corrections. Perhaps setup a second load balance IP on the LAN interface?  :-\

              Steve

              1 Reply Last reply Reply Quote 0
              • W
                wallabybob
                last edited by Jul 26, 2013, 11:31 AM

                I think the problem is that the load balancing is configured to redirect connections entering the box on particular interface to an IP address in the pool. Connections initiated from pfSense don't enter the box on any interface hence aren't redirected.

                1 Reply Last reply Reply Quote 0
                • S
                  stephenw10 Netgate Administrator
                  last edited by Jul 26, 2013, 11:49 AM

                  The same reason connections initiated from the pfSense box will always use the default gateway in a multi-WAN setup?
                  I'm just not sufficinetly familiar with the underlying software to know how this is handled or what could be done work around it.
                  JimP made an interseting related comment recently, here: http://forum.pfsense.org/index.php/topic,64502.msg349645.html#msg349645

                  Steve

                  1 Reply Last reply Reply Quote 0
                  • B
                    boujid
                    last edited by Jul 27, 2013, 5:53 PM

                    ok it's a little weird
                    i gave up, i installed a tiny smtp relay on a third server in the wan subnet, then i configured my pfsense to use this server which is in its turn relay emails to the loadbalancer address

                    1 Reply Last reply Reply Quote 0
                    4 out of 9
                    • First post
                      4/9
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.