Problems with Load Balancing
-
Good morning/afternoon/evening,
I am writing to you about a serious issue I am having. I just had two 4G LTE routers and two smart switches installed to use VLANs. I am using the two routers as my gateways and am trying to achieve Load Balancing with a weight of 2 for WAN1 and 1 for WAN2. WAN1 speed is about 100-125 Mbps download (4G is not always stable) and WAN2 speed is about 45-70 Mbps download. I should normally get more than 130 Mbps. However, I only get the same speed as WAN1 alone, which means 125 Mbps, even though I can see in Status -> Traffic Graph for both that WAN2 is participating in the speed tests (speedtest.net and 10 file downloads at the same time). I set my firewall correctly by choosing the gateway group, and deactivated Squid, pfBlockerNG-devel, and Snort. The gateway group I created has the two WANs in Tier 1, as indicated in the multiple tutorials I thoroughly read. In System -> Routing I also selected the gateway group as the default gateway, but WAN1 is still selected as "default", which is weird. I tried to ping from the WAN2 interface and everything is working fine. I also assigned a specific DNS server for WAN1 (1.0.0.1) and WAN2 (1.1.1.1). I restarted pfSense and the 4G routers twice. I also tried the speed test from speedtest.net from many different devices.
The routers are quite far away, but they may be using the same antenna from the ISP. They are like 20m and two rooms away. Do you think it may be the problem?
Please help me out. I thank you in advance :). Please see a screenshot of my smartphone doing a speed test and the traffic monitoring of WAN1 (right) and WAN2 (left).
Kind regards,
-
The distance to the 4G devices should not matter if they are Ethernet connected (within reason). But your reference to a shared antenna is confusing. Are they connected to the same provider? Same gateway IP?
Did you try using policy routing instead? Assigning a gateway group to traffic on the LAN with a LAN side firewall rule?
Steve
-
@stephenw10 Hi Steve, Thanks for the answer.
Yes, I know the distance does not matter when connected with Ethernet (except for very long runs). However, I meant something else. I do not know exactly how 4G works. My two routers are using two different SIMs from the same ISP and are located close to each other (about 20 meters, two rooms away). Thus, I think they are connected to the same ISP antenna and are slowing each other's connection down whenever they are both carrying their maximum traffic at the same time.
Could you please tell me how "policy routing" will help? Yes, I have set the firewall to my gateway group. After rebooting the three devices, which are the pfSense router and the two 4G routers, I noticed that the load balancing is kind of working. I now get 100-135 Mbps download and 50 Mbps upload.
If I connect to the WiFi of each 4G router separately, then I get:
GW1: 80-120 Mbps download and 25 Mbps upload
GW2: 50-75 Mbps download and 25 Mbps upload.
I tried to change the weight of my gateways with all the possible values, but I do not see a major difference except in upload. I am now still at GW1: 1 and GW2: 2.
I do not have my 4G routers in bridge mode as they do not have it. They are a Huawei b618-22a and a Huawei b525-23a. I have set up a different network for each and set VLANs on my pfSense. I don't know if that changes anything.
Please see my basic and not an actual representation of my home network.
Thanks,
-
If you had the routers bridged they would likely be passing the same gateway IP to pfSense for both connections which will definitely not work. At least one of them would need to be routing so that the two WANs have different gateway IPs for pfSense to route to. So that part should be OK.
They will almost certainly be connected to the same cell. If that cell has restricted bandwidth available you will be hitting that. It seems unlikely but could be the case.
Using a gateway group for system default gateway is a relatively new feature. As far as I know it is failover only, that's all I have tested it as. If you need load-balancing it needs to be via a LAN side firewall rule. Test that before digging deeper.
Steve
-
@stephenw10 Thanks,
Yes, I see.
I have seen some folks who have doubled their internet speed with two identical VDSL connections, so I thought I could get better speeds, as my family is made up of heavy users :). It is very important for me to get better bandwidth.
Could you please check if these are alright? 3 images. The first image is pfBlockerNG, and the second and third are the default firewall.
Thanks,
-
Yes, those look correct.
You might want to add a rule to pass DNS, UDP port 53, without a gateway specified and put it above the policy rule on LAN so that clients can always hit the LAN interface's address for DNS without getting routed.
As long as the two modems are NATing they will be providing different gateway IPs to clients and pfSense should be able to load balance between them.
You could always add additional rules to pass specific LAN clients to a particular gateway. Then you could test from those clients and that traffic will only go via that gateway. With one client using each gateway you should be able to test the maximum speeds on each simultaneously. That would show if you're hitting some upstream restriction.
Steve
-
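The rule order suggested in the last reply, modelled as an added example (not code from the thread or from pfSense): LAN rules are evaluated top to bottom and the first match decides which gateway, if any, is forced. The subnet, client addresses, gateway names and the `evaluate` helper are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    descr: str
    src: str = "any"
    proto: str = "any"
    dport: Optional[int] = None
    gateway: Optional[str] = None  # None: no gateway set, normal routing applies

def matches(rule, pkt):
    src_ok = rule.src == "any" or (
        ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(rule.src))
    return (src_ok and rule.proto in ("any", pkt["proto"])
            and rule.dport in (None, pkt["dport"]))

def evaluate(rules, pkt):
    """Walk the LAN rules top to bottom; the first matching rule decides."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.descr, rule.gateway
    return "default deny", None

# Constructed LAN subnet, client addresses and gateway names (assumptions).
DNS = Rule("pass DNS", proto="udp", dport=53)
PIN_A = Rule("client A via WAN1", src="192.168.10.50/32", gateway="WAN1_GW")
PIN_B = Rule("client B via WAN2", src="192.168.10.51/32", gateway="WAN2_GW")
POLICY = Rule("policy rule", src="192.168.10.0/24", gateway="LB_GROUP")

LAN_RULES = [DNS, PIN_A, PIN_B, POLICY]      # order suggested in the thread
MISORDERED = [POLICY, DNS, PIN_A, PIN_B]     # policy rule on top shadows the rest

def pkt(src, proto, dport):
    return {"src": src, "proto": proto, "dport": dport}

if __name__ == "__main__":
    samples = {
        "DNS query to the firewall": pkt("192.168.10.20", "udp", 53),
        "speed test from client A": pkt("192.168.10.50", "tcp", 443),
        "speed test from client B": pkt("192.168.10.51", "tcp", 443),
        "any other client": pkt("192.168.10.20", "tcp", 443),
    }
    for name, p in samples.items():
        print(f"{name:28} good={evaluate(LAN_RULES, p)} bad={evaluate(MISORDERED, p)}")
```

With the policy rule on top, DNS and both pinned test clients fall into the gateway group, so the per-gateway speed test described above would not isolate either WAN.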