Load balancing and DNS issues



  • Hey guys

    I currently have load balancing set up and seemingly working by following the guide on the wiki.  However, I am having an issue with DNS not working properly.

    My setup now that's (half) working is this: In System->General I have set one DNS server from each ISP into the list, and turned off "Allow DNS servers to be overridden".  Static routes for each server set to the correct gateway.  DNS forwarder turned on, and registering all DHCP clients.  Now I also have to set a rule to allow DNS out the default gateway or else it won't work.

    The reason I said this is half working is because when both connections are up, the Internet works perfectly, however, if I take one of them down (doesn't matter which one) I lose all DNS.  I have also tried with the DNS forwarder turned off, however I would really like it on because I use it all the time.

    Does anybody have any insight as to what I may be doing wrong?

    Thanks
    -Eric



  • Maybe you shouldn't use static routes for DNS servers? Use policy-based routing.



  • He MUST use static routes; pfSense itself can't use the policy-based routing,
    so it needs a static route to the DNS servers so that it can still find them when the WAN or the OPT1 interface is down.



  • So I do need static routes... but I'm still having issues.  If I take one of the interfaces offline I still lose all DNS whatsoever, all external, and internal.

    Any ideas?



  • Then your static routes are not defined correctly.

    From a shell do a netstat -rn

    You should see the dns ip address entry with a next hop gateway ip assigned.

    Also try to traceroute from a shell to the dns ip.  Is it going out the correct gateway?



  • thanks scott

    netstat -rn does not show either dns ip address.  traceroute works fine on one dns ip address and not the other (sends out the same interface both times)

    my DNS servers are as follows
    Telus: 154.11.128.187
    Uniserve: 216.113.192.3

    gateways are as follows:
    Telus: 66.183.128.254
    Uniserve: 216.210.98.1

    Static routes are as follows:
    Interface    Network                    Gateway
    Wan2        154.11.128.187/32      66.183.128.254
    Wan          216.113.192.3/32        216.210.98.1

    Does that look right?

    Thanks again
    -Eric



  • @eric:

    thanks scott

    netstat -rn does not show either dns ip address.  traceroute works fine on one dns ip address and not the other (sends out the same interface both times)

    It should… If it is not then there lies the problem I suspect.
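
The check suggested in the thread (each DNS server IP should appear in `netstat -rn` with its next-hop gateway), as an added example that is not part of the original posts. The DNS and gateway addresses are the ones posted above; the routing-table excerpt and interface names are constructed for illustration.

```shell
#!/bin/sh
# Constructed `netstat -rn` excerpt: interface names are assumptions, and the
# host route for 154.11.128.187 is deliberately absent.
SAMPLE='Destination        Gateway            Flags  Netif
default            216.210.98.1       UGS    em0
127.0.0.1          link#4             UH     lo0
216.113.192.3      216.210.98.1       UGHS   em0'

# check_route TABLE DNS_IP GATEWAY -> prints ok | missing | wrong-gateway:<gw>
check_route() {
    printf '%s\n' "$1" | awk -v dst="$2" -v gw="$3" '
        # A host route shows the bare IP (or IP/32) in the Destination column.
        $1 == dst || $1 == dst "/32" {
            found = 1
            if ($2 == gw) print "ok"; else print "wrong-gateway:" $2
            exit
        }
        END { if (!found) print "missing" }'
}

# check_all TABLE dns=gateway ... -> one report line per server;
# the return status is the number of servers without a correct host route.
check_all() {
    table=$1; shift
    bad=0
    for pair in "$@"; do
        dns=${pair%%=*}; gw=${pair#*=}
        status=$(check_route "$table" "$dns" "$gw")
        printf '%-16s via %-16s %s\n' "$dns" "$gw" "$status"
        [ "$status" = ok ] || bad=$((bad + 1))
    done
    return "$bad"
}

# DNS server and gateway addresses are the ones posted in the thread.
# On the firewall itself, pass "$(netstat -rn)" instead of "$SAMPLE".
check_all "$SAMPLE" \
    154.11.128.187=66.183.128.254 \
    216.113.192.3=216.210.98.1 || echo "$? DNS server(s) lack a correct static route"
```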

