Gateway groups / load sharing not working?

  • Hello,
        I can't get load sharing to work and I'm wondering if it's a poor configuration on my part, or an issue with the beta.

    First of all, the only reason I'm using the beta is due to rtl8187 support. That part seems to work, at least. I can ping the wifi router (from the ipsense router).

    Anyway, my goal is to implement load sharing for better uTorrent performance.

    Current setup:
    Version 2.0-BETA1
    built on Wed Mar 24 09:56:45 EDT 2010
    FreeBSD 8.0-STABLE

    WAN      (DHCP) 10baseT/UTP
      LAN 10baseT/UTP
      OPT1      (DHCP) autoselect mode 11g

    Since the 2.0 method to share loads is to create a gateway group, I attempted just this:

    System->Gateway Groups:

    GW_OPT1    Tier 1
    WAN    Tier 1

    (The setup included a curious "-" gateway which I assume meant default GW or something. I left that priority as "Never")

    Now, I assume the firewall rules are the same as described here:

    Or in my case (hopefully I got this right)

    TCP LAN net * * * none  
    TCP LAN net * OPT1 net * * none

    • LAN net * * * * none   Default allow LAN to any rule
      TCP LAN net * * * testgategroup none

    OK, so far so good? Well, I can connect to the internet using this router setup, but it never uses OPT1. All traffic goes through WAN. Again, I can ping OPT1's router just fine.

    So, pretty please with sugar on top, can someone throw me a bone and suggest something to try? Thanks  :)

  • PS: I just checked some curious light traffic reported by the "Traffic Graph" using tcpdump and it seems pfsense is pinging OPT1's router at regular intervals. Don't know if this is related to anything.

  • PPS: I read elsewhere that the failsafe rules aren't necessary anymore so I removed them, but this didn't fix the problem.

  • One more thing, I just caught my error for specifying TCP instead of "any" protocol. Still not load sharing. All traffic goes through WAN and none through OPT1.

  • I downloaded the most recent build (just realized I had an ancient version—must have listed them backwards by mistake) and configured the router from scratch.

    Still no dice!

    The interface in the newer build is better, though. The router groups setup is a lot cleaner. Now if only it would WORK!

  • Rebel Alliance Developer Netgate

    It will never reach your testgategroup rule. It's first match wins, read from the top-down.

    Move that rule to the top and it will work.

  • @jimp:

    It will never reach your testgategroup rule. It's first match wins, read from the top-down.

    Move that rule to the top and it will work.

    Oh, well I was following:

    which suggests the opposite?

  • Just for kicks I moved the rule to no avail.

    I also updated to the very latest and tried logging my rule (firewall logging seems to log all rules regardless, and only logs blocks, not passes).

    I will also note I've tried changing various configurations like switching WAN and OPT1 physically, and using static assignments for OPT1.

    I will note the way to setup the static assignment is really cumbersome and had me scratching my head for a moment. I can't seem to set the gateway IP in Interfaces:OPT1, instead I have to add one in System:Gateways. Weird. Anyway…

    I added the gateway for OPT1 in System:Gateways (OPT1GW) then added OPT1 with a static assignment using OPT1GW as the Gateway. I assume that's appropriate.

    When I disconnect WAN, I get this in the log:

    php: : All gateways are unavailable, proceeding with configured XML settings!

    which is kinda maddening since Status:Gateways says OPT1 is sill "Online."

  • Here's my current rules.debug


  • OK guys, I deleted the old group, applied, added the same group with the same settings, applied, deleted the rule, applied, added the same rule with the same settings, applied, and it seems to work for the first time.

    Nix that; the traffic merely switched from WAN to OPT1. I was fooled by the Traffic Graph showing traffic on WAN when there was none.

    Attached is new debug output. seems right by my eye, but it's now sending all data to OPT1.


  • All my assignments are static now, too.

    There seems to be a bug though, as the route I set to default isn't actually set on the router (netstat -nr shows no default set). Not that a router needs a default route (unless I want to update it), but it definitely seems like a bug.

  • Fuck! Wrong subnet on WAN static config. Fucking amateur…

    It seems to be working again. tcpdump suggests this at any rate. Forgive my late night flood. Hopefully, nobody subscribed :)

Log in to reply