Load balancing not working with Wireguard client
-
@madbrain I had a config with load balancing working with 2 ISPs, which I restored.
If I add an interface for the 3rd ISP, without doing anything else, the load balancing stops working.
If I restore the same working config again, and rename the 2 WAN interfaces, the load balancing also stops working. I renamed WAN to Comcast and WAN2 to Sail. I wouldn't expect a cosmetic config change to affect functionality, but perhaps there are references by name somewhere else. I'm not sure what.
-
@madbrain Sounds really strange that a name change would have such an effect...
And when adding the third interface, all you do is put that into the existing group, also set as Tier 1 like the others? And that breaks the load balancing completely?
And what about policy rules? Do you have a rule both for the loadbalancer and the failover gateway as per that guide?
If so, you need to make sure the balancer rule is above the failover, since rules are handled from the top.BTW, how do you go about changing the names of the gateways? Did you edit the config file or do you copy the gateway, give it a new name and then delete the old one?
Changing name on a gateway can't be done without affecting other things, like the FW rules for example.
-
@Gblenn I agree it is strange. I can't reproduce the issue with the name anymore. But I can definitely reproduce the problem of load balancing not working.
I backed up my settings, and started over with a brand new confign and configured all 3 ISPs.
Still, all traffic is being directed at one ISP, even multiple hosts each initiating multiple connections .
In the following graph I had 4 devices running Ookla Speedtest - a Windows box, a Linux box, a Raspberry Pi4, and my S22 Ultra phone on Wifi. All except the phone were wired.
All traffic got routed to the Comcast WAN. Sail and Verizon WANs were untouched.
What am I missing ?
-
@madbrain One thing that I notice which you have set different to what I have, is the default gateway IPv4. I have it set to the failover group that I created, in your case "v4LB". Whereas you have it as Automatic...
-
@madbrain When I looked at instructions you linked to, or e.g. Lawrence Systems, they suggest using the Gateway Group in the LAN rule. But instead I have it set as Default... and it's working fine.
-
@Gblenn I tried setting the default gateway to the load balancer group also. That did not help, unfortunately. All traffic is still going through Comcast.
-
@Gblenn Are you using pfSense CE or Plus ? I'm using Plus. I don't see the same screen as you posted in your screenshot. Where is it at ?
Edit: found under Firewall -> Rules -> LAN -> Edit (IPv4 rule) -> Show advanced -> Gateway . I set the load balancing group for both IPv4 and IPv6.
And miraculously, the traffic started getting distributed across all 3 WANs !
Thanks for the tip. I wonder how you got it to work without setting the gateway.
-
@madbrain I have always had it set to the gateway group in that setting. It was the firewall rule that is suggested both in the instructions you linked to and by Lawrence Systems. There I keep it at default..
Great that it works now!
-
I guess now you could take a look at the weighting, to rebalance based on individual capacity of each connection. Not the Tier number, but rather for each individual Gateway (under System / Routing / Gateways) when you expand the Advanced button. First item there is weight...
-
@Gblenn Yes. I setup the weighting. Unfortunately, I ran into some issues with Netflix streaming, where buffering happened even though all 3 WANs were up. Will post a separate thread.
-
@madbrain said in Load balancing not working with Wireguard client:
I do have an extra NIC and a total of 3 ISPs rather than 2 ISPs before. But even disabling one interface for one of the ISPs does not restore the load balancing functionality.
I do have an extra NIC and a total of 3 ISPs rather than 2 ISPs before. But even disabling one interface for one of the ISPs does not restore the load balancing functionality.
-
@rikazkhan Your message was just a quote. Did you mean to add something ?