Basic VIP and Load Balance Issue - Port won't make TCP connection
-
Real simply, I have two open relay internal email servers both listening on port 26. I can telnet to each individual server but not to the VIP. I created a VIP on the same subnet as the servers and use the VIP for LB both port 26 and HTTP. I set up the LB for an active/passive, where server 1 is the active and all traffic is directed there, and server 2 is the passive in case server 1 goes offline (according to the monitor).
It seems like no data will pass into the VIP:port and out to server 1:port, both on 26 or 80. I have a rule on that subnet to allow all traffic to pass in and out.
Is there something I'm missing?
Config:
pfSense 2.4.2-Release-p1
LAN: 172.20.30.1/24 (pfsense)
VIP: 172.20.30.192/24 (Type=IP Alias)
Pool1: Mode=LB, Server=172.20.30.138, Port=26, Monitor=TCP
Pool2: Mode=LB, Server=172.20.30.139, Port=26, Monitor=TCP
VirtualServer1: Protocol=tcp, IP Address=172.20.30.192, Pool=Pool1, Fallback Pool=Pool2
The status for both the pool and service is green / active.
And when it's all done, I can't telnet to the VIP (172.20.30.192) on port 26, but I can telnet to 172.20.30.138 and .139
-
More information… it appears that I can successfully telnet to the VIP on port 26 from another LAN. When initiated on the same LAN/subnet as the VIP, the connection never responds. On this subnet there is only one firewall rule that allows all in/out on any protocol for IPv4+IPv6, so there isn't any possible rule that could be blocking.