Sticky Connection Alternatives
-
Hello all,
I was wondering if anybody could advise me wether Pfsense offers an alternative to Sticky Connections?
My network consists of 2 x WAN and 1 x LAN. The network benefitted greatly with the load balanced WAN connections however a user a user was having issues with his emails which forced me to enable sticky connections. However as far as I understand this, IPs will only ever be routed to one of the gateways now meaning my load balance isn't really as effective and speeds have been affected somewhat.
I was wondering if there was a way of going back to keep maximum speeds but to be able to keep the sticky connection for authentication purposes for some email providers?
-
Unfortunately, no. It's all or nothing with sticky.
-
What about using policy based routing and define a port- or host-based alias for these troublesome mail providers? Then just force them to use a failover gateway group instead of a load balanced one (use LAN firewall rules). This is what I do for HTTPS sites that don't like sessions originating from multiple IPs.
-
What about using policy based routing and define a port- or host-based alias for these troublesome mail providers? Then just force them to use a failover gateway group instead of a load balanced one (use LAN firewall rules). This is what I do for HTTS sites that don't like sessions originating from multiple IPs.
Thanks, I'll give this a try when I'm next on site. Sorry for the late reply. This issue only popped into my head again today after thinking, "if only I didn't have that Sticky Connections issue!"
-
So I tried luckman212's suggestion and it worked! :)
I think something like this should be commented on within Sticky Connection topic.
Cheers all ;D
