NEED >> Basic Load Balance Howto for V.2
-
When I'll have little time I'll make a visual howto for this.
-
Might not be worth the effort yet, at least until 2.0 hits the RC stage. There is still a chance that some parts of the UI could change slightly (not likely, but possible) so I wouldn't spend too much time on it just yet.
-
jimp, I've fully rewritten the mini-howto following your indications at the original page at http://forum.pfsense.org/index.php/topic,28121.0.html
The first version was terribly wrong! :)
I hope this one will be better. If someone see any mistake or have suggestions, feel free to tell.
I'll be glad to update it. I perform the setup in a virtual environment, so it is easy for me to test any change.
I wrote the guide because I needed this feature for version 2.0 and I didn't find it in the documentation.
Thanks! -
BTW, does anyone knows how to change the ping frequency sent by pfsense to monitor IP addresses in Load Balancing?
It sends 1 ping/second by default! -
Might not be worth the effort yet, at least until 2.0 hits the RC stage. There is still a chance that some parts of the UI could change slightly (not likely, but possible) so I wouldn't spend too much time on it just yet.
several screen shot's and some text is not a problem.
I just need to put Photoshop on my new graphic's computer. -
No need for Photoshop, that's like using a cannon to swat a fly. Grab Jing or something similar for simple captures. (I use SnagIt but it's not free)
-
I use PrtScr ;D
I already know Photoshop and in the army I was in heavy artillery…
And there is this….... -
I used HoverSnap, free and effective. No time to play with Photoshop for a couple of captures. ;D
-
Snagit is awesome, it's what we use to make screencaps for the book, and it has lots of nifty features like "scrolling web page" captures where it will take a screencap of an entire website no matter how long it is. :-)
http://pingle.org/files/loooongcat.png
-
I was under the impression that by simply putting both Gateways on the same tier that loadbalancing and failover was handled automatically. Is there a need for the extra Failover groups and the added ruleset in LAN?
I understand how the described failover groups and rule entrys would work but is it needed for anything but specific requirements and situationsif that's the case I don't see how this is considered an easier setup than v 1.2.3
Either way I suppose I need to test my current configuration to see if Failover is working properly. -
You do not need the extra groups if you just want to load balance.
I have some thing I want to prefer my WAN1, and others I want to prefer WAN2, that's why I have the extra failover groups.
With a load balance group where they are all on the same tier, there really isn't a concept of failover, they both work all the time and if a gateway fails, it is marked down and disabled so only the remaining WAN(s) in the group are used. It's not really "failover" since both were already in use. But I suppose that would be getting a tad pedantic on my part. :)
-
I think it is failover as if one of the interfaces dies, it automatically move all data using the working interfaces.
What I am missing is a way to bypass the checkup ip address.
In my case both interfaces, WAN & OPT1 are connected to NAT routers. some times the routers drop the connection to the internet, but toward the LAN, where pfSence is connected, they still ping happily.
If I had a way to chenge the IP then I can use something actually on the internet and get a true response. -
Just change the monitor IPs to something external. I use 8.8.8.8 for wan, and 8.8.4.4 for wan2.
-
I was under the impression that by simply putting both Gateways on the same tier that loadbalancing and failover was handled automatically. Is there a need for the extra Failover groups and the added ruleset in LAN?
I understand how the described failover groups and rule entrys would work but is it needed for anything but specific requirements and situationsif that's the case I don't see how this is considered an easier setup than v 1.2.3
Either way I suppose I need to test my current configuration to see if Failover is working properly.The first time I thought like you. In fact, that configuration works as described in my original howto. :)
But then, thank to jimp I realized that creating different groups for Load Balancing and Failover is a more acurate solution. In addition, it gives you more control over both features.
Although it's a bit more complex, it worth the effort.
-
Just change the monitor IPs to something external. I use 8.8.8.8 for wan, and 8.8.4.4 for wan2.
Poor Google DNS, hehehe!! :P
Another option could be to make a traceroute to an external IP from each ISP and start pinging some closer IP addresses.
Why? On one hand, those IP addresses are closer to you (less latency), and on the other hand, if Google is down (ok, maybe in parallel universe…) your router doesn't think that the whole Internet is down.
BTW, what an awesome feature from Snagit! It's a pity that there isn't a free version. 8)
-
Well with my Cable ISP, they have a habit of losing connectivity to their upstream, so I have to ping something off their network, or I wouldn't detect many of their failures. Past their network, it could be any of a number of unpredictable routers at their peering, so I use something on the Internet in general.
-
Well with my Cable ISP, they have a habit of losing connectivity to their upstream, so I have to ping something off their network, or I wouldn't detect many of their failures. Past their network, it could be any of a number of unpredictable routers at their peering, so I use something on the Internet in general.
It makes sense. It was just an option. And Google has demonstrated ability to handle awesome amounts traffic, better than any existing ISP (until theyselves become an ISP).
-
Just change the monitor IPs to something external. I use 8.8.8.8 for wan, and 8.8.4.4 for wan2.
OK
found it under "System: Gateways: Edit gateway"
I knew there was an option when set to static IP but not for DHCP…
