Multi Wan slower than single Wan



  • Hi
    I'm hoping someone can help! I've probably just missed a very basic simple step in setting up pfSense as a load balancer.

    I've got 3 ADSL (each ~3mps down, 0.7up) lines coming into a pfSense 1.2.3-RC1 box (P4 1gb RAM desktop with 3 extra NICs). I've set up the balancer to use all 3, set up the firewall to point all traffic through this gateway (no special rules here) and set outbound NAT to manual with rules for each WAN port.
    And it works, I can see my IP address changing on refreshing pfsense.org/ip.php.

    But the problem comes in that the internet speed dies.

    Here's a screenshot of BandwidthD

    The big dip in the graph is when I enabled all three ADSL lines!

    I've tried both with sticky connections enabled and disabled, with the same outcome. There is nothing complex about this setup; the pfSense box is purely just acting as the gateway and DHCP server, no custom firewall/routing/VLAN settings.

    Firewall - Excuse the top rule, it's only there to access one of the ADSL modems.

    NAT - Not sure if this is required or not??

    LoadBalancer

    Any help/pointers would be appreciated :)
    Thanks!



  • Well, I would set all the outbound nat rules to match the LAN subnet (like the auto created one), and you do know that only the first LAN rule you have there is going to do anything, as they all are set to match any protocol, destination, and port?
    You need to keep your expectations in line with how the LB works. It's going to round robin through the lines, so for any one machine, you still max at the bandwidth of the line you are on. Unless you use one of those multi-wan download managers.
    And is there any reason you are using the legacy version? 2.0 is stable and has many improvements in the LB, although the configuration has changed- read the stickies in the LB forum.
    (EDIT- that sticky was in the old 2.0 testing area):
    http://forum.pfsense.org/index.php/topic,10407.0.html



  • @dotdash:

    Well, I would set all the outbound nat rules to match the LAN subnet (like the auto created one), and you do know that only the first LAN rule you have there is going to do anything, as they all are set to match any protocol, destination, and port?
    You need to keep your expectations in line with how the LB works. It's going to round robin through the lines, so for any one machine, you still max at the bandwidth of the line you are on. Unless you use one of those multi-wan download managers.
    And is there any reason you are using the legacy version? 2.0 is stable and has many improvements in the LB, although the configuration has changed- read the stickies in the LB forum.
    (EDIT- that sticky was in the old 2.0 testing area):
    http://forum.pfsense.org/index.php/topic,10407.0.html

    Thanks, the rules are remnants of a previous guide I followed ::) (This was my first foray into setting up pfSense)
    I realise load balancing will not give me an increased throughput; I'm in more need of availability to web requests that should be well suited to using the LB.

    I'm just curious as to what would cause such a negative impact on performance by enabling the LB.
    I do have a new machine with version 2 that is in the process of being configured/tested. :)
    Subsequently I'm encountering similar performance hits in version 2 as well, but put it down to a different setup and using VLANs over physical NICs.

    I was hoping to iron out the issues on this machine first that would then allow me to apply the theory to the new machine.



  • I haven't used bandwidthd in a while, but have you observed some sort of performance issues while on the RR pool? (Not just the graph, but whining users, etc) Oh, and make sure to point https to a failover pool and not a balancer pool.
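
Two points from the replies above, that only the first of several identical catch-all LAN rules ever matches and that HTTPS should hit a failover pool before the balancer rule, can be checked mechanically. This is an added example, not part of the thread or pfSense's own code; the rule fields, rule names, pool names and both rule lists are constructed assumptions.

```python
"""First-match rule shadowing check over constructed LAN rule lists."""
from dataclasses import dataclass

ANY = "any"

@dataclass(frozen=True)
class Rule:
    name: str
    proto: str     # "tcp", "udp" or ANY
    dst: str       # destination label or ANY (labels stand in for networks)
    port: object   # int or ANY
    gateway: str   # hypothetical gateway or pool name

def covers(a, b):
    """True if every packet that matches rule b also matches rule a."""
    pairs = ((a.proto, b.proto), (a.dst, b.dst), (a.port, b.port))
    return all(x == ANY or x == y for x, y in pairs)

def shadowed(rules):
    """Map each unreachable rule to the earlier rule that hides it.
    Only single-rule shadowing is detected, not coverage by a union of rules."""
    hidden = {}
    for i, rule in enumerate(rules):
        for earlier in rules[:i]:
            if covers(earlier, rule):
                hidden[rule.name] = earlier.name
                break
    return hidden

def first_match(rules, proto, dst, port):
    """Return the rule a packet would hit under top-down, first-match order."""
    probe = Rule("probe", proto, dst, port, "")
    return next((r for r in rules if covers(r, probe)), None)

# Constructed: three catch-all rules, each pointing at a different gateway.
AS_POSTED = [
    Rule("lan-1", ANY, ANY, ANY, "WAN1"),
    Rule("lan-2", ANY, ANY, ANY, "WAN2"),
    Rule("lan-3", ANY, ANY, ANY, "WAN3"),
]
# Constructed: specific HTTPS rule first, then one catch-all balancer rule.
REORDERED = [
    Rule("https-failover", "tcp", ANY, 443, "FailoverPool"),
    Rule("default-balance", ANY, ANY, ANY, "BalancerPool"),
]

if __name__ == "__main__":
    print("shadowed as posted:", shadowed(AS_POSTED))
    print("shadowed reordered:", shadowed(REORDERED))
```

Swapping the two rules in `REORDERED` makes the checker flag `https-failover` as hidden, which is why the specific rule has to sit above the catch-all.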

