Netgate Discussion Forum

    SOLVED Trouble with Web Server Load Balancing - Can't get initial config working

      umuzidan

      Version: 2.3.3-RELEASE-p1

      Issue: I can't get the initial config working for a simple web server load balancer

      I've tried creating a VIP and also not using a VIP and hitting the public IP directly, no luck.

      WAN IP: 1.1.1.2/24 (Yes, I have a full /24 subnet of public IPs to choose from with my ISP in the data center)
      LAN IP: 192.168.1.1/24
      Web1: 192.168.1.2
      Web2: 192.168.1.3
      Web3: 192.168.1.4
      VIP: 192.168.1.100
      Public IP for Web Traffic: 1.1.1.3

      1. Create LB Pool
      -Insert the IPs for Web1, Web2, and Web3
      2. Create the LB Virtual Server
      -Insert an IP of 1.1.1.3 (and I've also tried the VIP 192.168.1.100)
      3. Create a firewall rule
      -Allow all traffic on port 80 FROM SOURCE (any) TO DESTINATION (1.1.1.3) - Didn't work
      -Or, if using VIP, create NAT rule FROM SOURCE (any) TO DESTINATION (1.1.1.3) REDIRECT TO (192.168.1.100) all traffic on port 80 - Semi-worked: Found active states, but TCP connection closed immediately

      I read a tutorial which said to create NAT rules for Web1, Web2, and Web3, however that defeats the purpose of a LB. If one goes down, or if I disable the monitor protocol on that server so the LB removes it from the pool, I believe that the NAT rule will still pass traffic to it.

      Any help please?

      ANSWER: I needed to add a catch-all firewall rule on WAN for all port 80 traffic. Didn't need the VIP.
