Evaluating PFSense / in-bound server load balance / vpn



  • Hello,

    I was evaluating a few open-source routers and pfsense seems to have a very good name. I was wondering if someone can share their experience or give us any advice based on our scenario.

    What we have so far:

    • We have been using mainly 2 routers Mikrotik and Peplink.
    • Peplink is used to link-balance a T1 and cable and it also does server load balance. I can tell it to round-robin between multiple servers for a certain inbound port number (e.g Remote desktop, 2X and web). This is a very useful feature and lets us avoid using the Apache load-balancer or RDP gateway etc. Although it is not as good but round robin is enough for us.
    • Mikrotik running on a Core2 is used for Asterisk SIP Voip. Somehow its performance is far better than Peplink for voip.

    Going forward

    • We are moving to a proper datacenter so we do not need any form of link balancing. The DC provides BGP blended internet connection.
    • Definitely need server side round-robin load balancing which can support multiple servers. If the device can monitor CPU/memory usage then even better but it is not a hard requirement.
    • IPSec tunnels
    • Web or installed GUI from which to configure all of above.
    • I don't think we will use the freeswitch built into pfsense but will definitely use some sort of asterisk/voip server.

    Mikrotik fulfills all our requirements except inbound server load balancing that's the reason why I am looking.

    Thanks in advance!
    Nihar



  • @nihar15:

    Mikrotik fulfills all our requirements except inbound server load balancing that's the reason why I am looking.

    inbound server load balancing for pfsense:

    • built in tool in services -> load balance

    • haproxy package for http,https and tcp balance

    • varnish for http balance and cache for speed up server responses

    • apache + mod_security for balance and http sercurity


Locked