CARP with Load Balancing

  • I have two pfsense servers: pf1 and pf2. They each have their own WAN and LAN IPs.

    pf1: x.x.x.111 (wan) (lan)
    pf1: x.x.x.112 (wan) (lan)

    I also set up CARP on a third NIC on both, with virtual IPs (VIP) x.x.x.122 (wan) and (lan). I want to set up incoming load balancing using the CARP wan VIP (x.x.x.122) on port 5060 using UDP. Firewall rule has been created allowing all source IPs to send traffic on port 5060 when destination IP is x.x.x.122, and state setting is set to 'keep state'.

    I have set up a Python script which is an echo server, and it is running on port 5060 on two servers ( and behind the firewalls. On the outside (v.v.v.99), I use a client to send a message to x.x.x.122 on port 5060. When I use the same application to send traffic from one server to another, say from to, I get an echo back from the server. But when I use the same application from outside the network (from v.v.v.99), the application just hangs and I do not get back a reply. On the server side, it also does not see the message sent by the client.

    If I enable the firewall rule allowing traffic, firewall log shows nothing. If I disable it, firewall log shows an error that policy was violated. What am I doing wrong? What changes do I need to make to get simple load balancing with stickiness to work?
    ![firewall - rule.JPG](/public/imported_attachments/1/firewall - rule.JPG)
    ![load balance - server pool.JPG](/public/imported_attachments/1/load balance - server pool.JPG)
    ![load balancer - virtual server.JPG](/public/imported_attachments/1/load balancer - virtual server.JPG)
    ![log - load balancer.JPG](/public/imported_attachments/1/log - load balancer.JPG)
    ![setting - advanced setting.JPG](/public/imported_attachments/1/setting - advanced setting.JPG)

  • Never mind. I was looking for load balancing on UDP but I learned that version 1.2 only supports TCP load balancing.
