Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Triple wan loadbalance and squid

    Scheduled Pinned Locked Moved Routing and Multi WAN
    18 Posts 3 Posters 3.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tripplex
      last edited by

      It seems squid is partially doing load balancing because when i do a tracert it chooses the wan connection to use depending on the website i enter or the congestion on the network at that time.

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        Traceroute doesn't go through squid.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • T
          tripplex
          last edited by

          So the best option is to disable squid or uninstall it to get load balancing working?

          1 Reply Last reply Reply Quote 0
          • DerelictD
            Derelict LAYER 8 Netgate
            last edited by

            I already gave you what I feel is the single best option to solve your problem, which is a separate caching node behind the multi-WAN node. That will do exactly what you want.

            Other than that, getting firewall-generated traffic to use multi-WAN is going to be difficult if it's possible at all. You might look here:

            https://forum.pfsense.org/index.php?topic=66822.msg457770#msg457770

            That acl random command might be promising. Never tried it.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • T
              tripplex
              last edited by

              Am just asking if disabling squid will make load balancing work.

              I also have freeRadius2 and captive portal running will that affect load balancing just as squid?

              Please answer my first question please because I disabled squid rebooted my machine and it seems load balancing still not working.

              1 Reply Last reply Reply Quote 0
              • DerelictD
                Derelict LAYER 8 Netgate
                last edited by

                Yes. Turning off squid should make load balancing work as long as the hosts are connecting through an interface that has the proper gateway groups set on the pass rules.

                No, captive portal should not affect your gateway groups. Neither will the auth method for the CP (as in freeradius).

                Chattanooga, Tennessee, USA
                A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                Do Not Chat For Help! NO_WAN_EGRESS(TM)

                1 Reply Last reply Reply Quote 0
                • T
                  tripplex
                  last edited by

                  Yes I set the rules in the firewall so I have 3 20mbps down so I should get 60mbps down in total running speed test. I am only getting 20mbps alone. What's the matter there?

                  1 Reply Last reply Reply Quote 0
                  • DerelictD
                    Derelict LAYER 8 Netgate
                    last edited by

                    No, you will not. Multi-WAN does not combine connections into one "fatter pipe." It distributes connections among the interfaces so, under load, they are all utilized.

                    Chattanooga, Tennessee, USA
                    A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                    DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                    Do Not Chat For Help! NO_WAN_EGRESS(TM)

                    1 Reply Last reply Reply Quote 0
                    • T
                      tripplex
                      last edited by

                      Oh I understand now. Thanks very much. So do you know when squid will use gateway groups aka multi-wan?

                      1 Reply Last reply Reply Quote 0
                      • DerelictD
                        Derelict LAYER 8 Netgate
                        last edited by

                        You might look at the acl random I referred to earlier.

                        Chattanooga, Tennessee, USA
                        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                        Do Not Chat For Help! NO_WAN_EGRESS(TM)

                        1 Reply Last reply Reply Quote 0
                        • T
                          tripplex
                          last edited by

                          So that command where should I place it in squid? Be specific please been reading the post and its not clear where to paste it.

                          1 Reply Last reply Reply Quote 0
                          • DerelictD
                            Derelict LAYER 8 Netgate
                            last edited by

                            You will have to do that research yourself or post in the cache/proxy forum that specific question.

                            Chattanooga, Tennessee, USA
                            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                            Do Not Chat For Help! NO_WAN_EGRESS(TM)

                            1 Reply Last reply Reply Quote 0
                            • T
                              tripplex
                              last edited by

                              Ok thanks

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.