Evaluating PFSense / in-bound server load balance / vpn

nihar15

Hello,

I was evaluating a few open-source routers and pfsense seems to have a very good name. I was wondering if someone can share their experience or give us any advice based on our scenario.

What we have so far:

• We have been using mainly 2 routers Mikrotik and Peplink.
• Peplink is used to link-balance a T1 and cable and it also does server load balance. I can tell it to round-robin between multiple servers for a certain inbound port number (e.g Remote desktop, 2X and web). This is a very useful feature and lets us avoid using the Apache load-balancer or RDP gateway etc. Although it is not as good but round robin is enough for us.
• Mikrotik running on a Core2 is used for Asterisk SIP Voip. Somehow its performance is far better than Peplink for voip.

Going forward

• We are moving to a proper datacenter so we do not need any form of link balancing. The DC provides BGP blended internet connection.
• Definitely need server side round-robin load balancing which can support multiple servers. If the device can monitor CPU/memory usage then even better but it is not a hard requirement.
• IPSec tunnels
• Web or installed GUI from which to configure all of above.
• I don't think we will use the freeswitch built into pfsense but will definitely use some sort of asterisk/voip server.

Mikrotik fulfills all our requirements except inbound server load balancing that's the reason why I am looking.

Thanks in advance!
Nihar

marcelloc

@nihar15:

Mikrotik fulfills all our requirements except inbound server load balancing that's the reason why I am looking.

inbound server load balancing for pfsense:

• built in tool in services -> load balance

• haproxy package for http,https and tcp balance

• varnish for http balance and cache for speed up server responses

• apache + mod_security for balance and http sercurity