Hy, I Recently installed pfSense 2.0RC and i tried to Set an Loadbalancing, I
-
Hy,
I Recently installed pfSense 2.0RC and i tried to Set an Loadbalancing,
I Added the IP Pools:
192.168.1.10:80 -> webserver 1
192.168.1.100:80 -> webserver 2And Added an Virtual Server IP: 192.168.1.200:80 -> Virtual IP
But when i trying to see http://192.168.1.200/ The Ip Address do no respond.
-
balance will not work on same interface, you will need a reverse proxy package or an outbound nat to change source ip going to web servers.
visual example:
192.168.1.20 asks 192.168.1.200 for a page
192.168.1.20 forwards to 192.168.1.10
192.168.1.10 see that client(192.168.1.20) is on same network
192.168.1.10 returns page directly to 192.168.1.20
192.168.1.20 rejects this communication as he asked 192.168.1.200 for a page and response came from 192.168.1.10
-
Last I heard that actually did work, but I haven't tried it myself. We had a customer doing balancing like that on a one-arm firewall. It had some issues though, not sure if it was related to that or not.
Check the relayd tab under system logs and see what the error is. Most common mistake would be that 192.168.1.200 must be a CARP VIP or IP Alias VIP in order for it to work, a proxy arp or 'other' type VIP will not work.
-
An outbound nat could simulate a proxy, that's the only way I could do this.
This way,server logging will have only firewall ip address.
A proxy could set a X-forwarder-ip and a web server(for example) is able to log clients ip.
