Rule management with load balancing link aggregation

fluca1978 · Jul 14, 2010, 3:50 PM

Hi,
when using a gateway load balancer (WAN aggregation) the firewall rules must be reported on all the interfaces? I mean, image I've got interfaces WAN1 + WAN2 and then WAN1 goes down, so the system is using only WAN2, the rules of WAN1 are used also for the WAN2 (since this is a link aggregation) or do I have to make the rules exactly the same on each interface that belongs to the aggregation?

In such case, is there a way to generate/copy the rules of an interface to the other?

cmb · Jul 24, 2010, 8:28 PM

@fluca1978:

In such case, is there a way to generate/copy the rules of an interface to the other?

Just hit the + to the right of each rule to add a new one based on that rule, change the interface, and hit save.

fluca1978 · Jul 26, 2010, 12:15 PM

Right, but this way I will not have a link between rules, so any change in a rule for a specific interface I have to (remember to) change the rules accordingly in all the other interfaces.

jimp · Jul 26, 2010, 2:32 PM

In 2.0 you might be able to do this with Interface Groups, but in 1.2.3 you just have to duplicate rules. You could probably generalize them a little with proper use of aliases.