Netgate Discussion Forum

    Private load-balancer on the LAN

    • comrax

      Hello,

      I've set up a network that consists of 3 database servers and 3 Web servers, per the diagram that I've enclosed. I've also created a farm (with a public Virtual IP address) to drive the 3 load-balanced Web servers easily.

      What I am not able to do is build a load-balanced database farm. It's like a LAN farm… Has anyone done this before, and how have they done it?

      In essence: Web servers will connect to a local, virtual IP address, which actually needs to be the IP address of the load-balanced database farm.

      Thank you in advance.

      /Comrax

      ![pfSense LAN Load Balance.png](/public/imported_attachments/1/pfSense LAN Load Balance.png)

      • Eugene

        It's not a firewall's job. You have to create a cluster out of your DB-servers.

        http://ru.doc.pfsense.org

        • comrax

          I wonder: How does this classify under "not a firewall's job" when the same firewall can do load-balancing? ;)
          In normal circumstances, I'd say that you're correct, but we're dealing with a pfSense firewall with LB capability.

          So, the obstacles would be:

          1. The LB itself is targeted only to serve the "outside world";
          2. We don't know how to do this for the "inside world" – yet;
          3. Some kind of software is missing from pfSense that would enable it to work.

          Meanwhile, I've installed "haproxy" as a package (pkg_add -r) on the pfSense box itself to enable this functionality. haproxy listens on the LAN IP address, and is configured to relay incoming requests to the 3 database servers (round-robin style).

          I just don't know whether this is a good strategy, and whether the packages are retained after I do a firmware upgrade. Can anyone shed more light on this?

          /Comrax
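
A minimal haproxy configuration for the setup described in the post above (a TCP listener on the LAN address relaying round-robin to three database servers), added here as an example and not taken from the original post. The addresses, the server names and the port (3306, assuming MySQL) are constructed placeholders.

```haproxy
# Added example; all addresses, names and the port are assumptions.
global
    daemon
    maxconn 256

defaults
    mode    tcp              # database protocols are not HTTP: relay raw TCP
    timeout connect 5s
    timeout client  1h       # pooled DB connections are long-lived
    timeout server  1h

# Bind to the LAN address only, never 0.0.0.0 or *, so the relay is not
# reachable on the WAN side of the firewall.
listen db_farm
    bind 192.168.1.1:3306
    balance roundrobin
    # "check" makes haproxy probe each server with a TCP connect and stop
    # sending traffic to one that fails "fall" consecutive probes.
    server db1 192.168.1.11:3306 check inter 2s rise 2 fall 3
    server db2 192.168.1.12:3306 check inter 2s rise 2 fall 3
    server db3 192.168.1.13:3306 check inter 2s rise 2 fall 3
```

Round-robin only distributes connections: each write lands on whichever server accepted that connection, so the three databases still need replication or clustering between them, as the first reply points out.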

          • Eugene

            LB in pfSense: a packet arrives at one interface and goes out of (two, three, …) interfaces according to specified rules.
            When it comes out of any of the outgoing interfaces, it is forwarded to a single host: the default gateway configured for this interface.
            Using a firewall to load-balance local traffic is kind of a not very nice design/solution for me.

            Eugene.

            http://ru.doc.pfsense.org

            • comrax

              And still, in real-life situations, you need it. I've demonstrated just one scenario…

              /Comrax

              • Eugene

                We are all people, that is why we have different opinions -)))

                http://ru.doc.pfsense.org
