4. Load balancing and DNS issues

Load balancing and DNS issues

  • E

    Hey guys

    I currently have load balancing setup and seemingly working by following the guide on the wiki.  However I am having an issued with DNS not working properly.

    My setup now thats (half) working is this: In System->General I have set one DNS server from each ISP into the list, and turned off "Allow DNS servers to be overridden".  Static routes for each server set to the correct gateway.  DNS forwarder turned on, and registering all DHCP clients.  Now I also have to set a rule to allow DNS out the default gateway or else it won't work.

    The reason I said this is half working is because when both connections are up, the Internet works perfectly, however, if I take one of them down (doesn't matter which one) I lose all DNS.  I have also tried with the DNS forwarder turned off, however I would really like it on because I use it all the time.

    Does anybody have any insight as to what I may be doing wrong?

    Thanks
    -Eric

    0
  • M

    may be you shouldnt use static routes for DNS servers? use policy-based routing.

    0
  • J

    he MUST use static routes pfsense itself can't use the  policy-based routing
    so it needs a static route to the dns servers so that it can still find them when the wan or the opt1 interface is down

    0
  • E

    so i do need static routes.. but im still having issues.  if i take one of the interfaces offline i still loose all DNS whatsoever, all external, and internal.

    any ideas?

    0
  • S

    Then your static routes are not defined correctly.

    From a shell do a netstat -rn

    You should see the dns ip address entry with a next hop gateway ip assigned.

    Also try to traceroute from a shell to the dns ip.  Is it going out the correct gateway?

    0
  • E

    thanks scott

    netstat -rn does not show either dns ip address.  traceroute works fine on one dns ip address and not the other (sends out the same interface both times)

    my DNS servers are as follows
    Telus: 154.11.128.187
    Uniserve: 216.113.192.3

    gateways are as follow:
    Telus: 66.183.128.254
    Uniserve: 216.210.98.1

    Static routes are as follows:
    Interface    Network                    Gateway
    Wan2        154.11.128.187/32      66.183.128.254
    Wan          216.113.192.3/32        216.210.98.1

    Does that look right?

    Thanks again
    -Eric

    0
  • S

    @eric:

    thanks scott

    netstat -rn does not show either dns ip address.  traceroute works fine on one dns ip address and not the other (sends out the same interface both times)

    It should… If it is not then there lies the problem I suspect.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy