Bridging with load-balancing
-
Hi there,
I've tried to search for this particular problem but did not find any useful information…
I've setup a inbound load-balancer on pfsense to loadbalance 2 webservers behind transparent firewalling (Bridged OPT1 and WAN)
Here are the facts:
- I can reach each servers individually from internet w/o problems (with proper rules)
- I can reach the "Virtual servers" IP from LAN without issues (With default LAN -> ANY rule)
- I CANT reach the "Virtual servers" IP from WAN even with Virtual IP on WAN and proper rules !!!
Here is my setup:
INTERNET-\ pfSense /–--(SRV1 208.xxx.xxx.228/29 GW 208.xxx.xxx.225)
(GW 208.xxx.xxx.225)-- ( WAN 208.xxx.xxx.226/29 -BRIDGE- OPT1 )------ SWITCH
| | ----(SRV1 208.xxx.xxx.228/29 GW 208.xxx.xxx.225)
| LAN 192.168.254.1/24 ) - My pc 192.168.254.224/24Load Balancer: Pool
Name Type Servers/Gateways Port Monitor Description
HTTP server 208.xxx.xxx.228 80 TCP HTTP server pool
(balance) 208.xxx.xxx.229
MySQL server 208.xxx.xxx.228 3306 TCP MySQL server pool
(balance) 208.xxx.xxx.229
Tomcat server 208.xxx.xxx.228 8080 TCP Tomcat server pool
(balance) 208.xxx.xxx.229Services: Load Balancer: Virtual Servers
Name Server address Port Pool Description
HTTP 208.xxx.xxx.230 80 HTTP HTTP Virtual Server
MySQL 208.xxx.xxx.230 3306 MySQL MySQL Virtual Server
Tomcat 208.xxx.xxx.230 8080 Tomcat Tomcat Virtual ServerFirewall: Rules (WAN)
Proto Source Port Destination Port Gateway Description
TCP * * 208.xxx.xxx.230 80 (HTTP) HTTP Any -> HTTP Virtual Server
TCP * * 208.xxx.xxx.230 3306 MySQL Any -> MySQL Virtual Server
TCP * * 208.xxx.xxx.230 8080 Tomcat Any -> Tomcat Virtual ServerFirewall: Virtual IP Addresses
Virtual IP address Type Description
208.xxx.xxx.230/32 [Proxy ARP] Virtual Servers IPPlease help me to figure out what I am doing wrong !!! Thanks !