Firewall rules set to balancer for gateway block all

bruor

i was able to successfully setup the balancer following:
http://wiki.pfsense.com/wikka.php?wakka=OutgoingLoadBalancing

however, when i add a rule to any "lan" interface to send all traffic using the balancer as the gateway, the interface stops accepting any traffic at all.  the only way to get it to work again is to log in on another "lan" interface and take the rule out.  once that happens, all is well. and packets can get out using the default gateway.

sullrich

Leave the deafult LAN rule in place and create a rule directing traffic before the default lan rule.

hoba

Also make sure the gateways in the pool are up (see status>loadbalancer for link status). If they are down you most likely have invalid monitor IP settings or the links are really down for some reason.

bruor

i was told on the forums to add a rule that says
allow all from local subnet, destined for the local subnet, that uses the default gateway, before the rule that says to direct all traffic to the balancer gateway.  it fixed the issue.

i am having another issue ATM though
configuration is:
3 local subnets, 10.10.10.0/24 172.16.3.0/16 and 192.168.254.0/24
primary wan is dhcp to cable
opt3 (wan2) is dhcp using 10.0.0.100/24 for the address,  it connects to a linksys on 10.0.0.1 which DMZ's to pfsense and handles the dsl connection.

yesterday, just after setup, when i unpligged the WAN interface, the balancer status went to offline for both WAN's.  after a reboot i tested it out and it seemed to go ok.

this morning, the dsl modem was powered off,  and the status showed as oneline for both wan's.

i rebooted pfsense, and unplugged WAN2, dsl, but the balancer status shows it as online.
if i unplug the cable feed, both go offline again
i am also noticing that when i access 10.0.0.1 via a web browser to configure the linksys, when changing pages, i get a page not displayed, then need to refresh in order to see what i want.
pings take 9ms to 10.0.0.1 and tracert shows the following.

Tracing route to 10.0.0.1 over a maximum of 30 hops

  1     6 ms    15 ms     7 ms  10.69.48.1
  2    12 ms    12 ms    10 ms  d226-2-137.home.cgocable.net [24.226.2.137]
  3     9 ms    11 ms     9 ms  d226-5-250.home.cgocable.net [24.226.5.250]
  4     8 ms     7 ms     8 ms  10.0.0.1

i have no clue where the 10.69.48.1 address is coming from.  the gateway for WAN is 24.150.160.1
gateway for WAN2 is 10.0.0.1,  ip on the wan of the linksys is 206.248.138.55 and the gateway should be in that subnet.

any help, again, is greatly appreciated

hoba

Something is messed up with your install. As link down detection is not working you should revisit your monitoring IPs. They are most likely wrong. Monitoring IPs have to be different for each link in the pool btw.

bruor

monitor IP's are set to the ISP's primary dns server for each segment.
the gateway for the dsl connection was set to 10.0.0.1 and monitor was 226.something
the gateway for the cable connection was 24.x.x.1 (ip of modem, listed as gateway for connection)
dns server used for monitor was 24.226.1.93

hoba

Make sure you monitor IPs actually respond to pings.