Triple wan loadbalance and squid
-
Run squid on another node behind pfSense. Traffic generated on the firewall itself (such as outbound connections from the squid proxy on the firewall) cannot be policy routed (such as Multi-WAN.)
And, no, Multi-WAN cannot combine two or more connections into one "fatter pipe." It can distribute different connections over different WANs to achieve more capacity but no single connection will ever see increased capacity over the circuit chosen for it.
-
Thanks for that I thought that might work but I don't have the cash to build another box to host squid.
So I am wondering if I disable squid if it will work because I tried disabling it and I still get the dame result. So do I have to uninstall it? I really just want to disable it.
-
It seems squid is partially doing load balancing because when i do a tracert it chooses the wan connection to use depending on the website i enter or the congestion on the network at that time.
-
Traceroute doesn't go through squid.
-
So the best option is to disable squid or uninstall it to get load balancing working?
-
I already gave you what I feel is the single best option to solve your problem, which is a separate caching node behind the multi-WAN node. That will do exactly what you want.
Other than that, getting firewall-generated traffic to use multi-WAN is going to be difficult if it's possible at all. You might look here:
https://forum.pfsense.org/index.php?topic=66822.msg457770#msg457770
That acl random command might be promising. Never tried it.
-
Am just asking if disabling squid will make load balancing work.
I also have freeRadius2 and captive portal running will that affect load balancing just as squid?
Please answer my first question please because I disabled squid rebooted my machine and it seems load balancing still not working.
-
Yes. Turning off squid should make load balancing work as long as the hosts are connecting through an interface that has the proper gateway groups set on the pass rules.
No, captive portal should not affect your gateway groups. Neither will the auth method for the CP (as in freeradius).
-
Yes I set the rules in the firewall so I have 3 20mbps down so I should get 60mbps down in total running speed test. I am only getting 20mbps alone. What's the matter there?
-
No, you will not. Multi-WAN does not combine connections into one "fatter pipe." It distributes connections among the interfaces so, under load, they are all utilized.
-
Oh I understand now. Thanks very much. So do you know when squid will use gateway groups aka multi-wan?
-
You might look at the acl random I referred to earlier.
-
So that command where should I place it in squid? Be specific please been reading the post and its not clear where to paste it.
-
You will have to do that research yourself or post in the cache/proxy forum that specific question.
-
Ok thanks
