4. Multi-WAN combining load balancing and policy based routing

Multi-WAN combining load balancing and policy based routing

  • G

    I'm a bit new to the whole multi-WAN thing, so please forgive me if this has been discussed and I didn't know the right search terms to find it. (I did try….)

    I understand - at least conceptually - the idea of using rules to send certain kinds of traffic (e.g., ftp) to specific WANs, and to use a load-balance group for other traffic that isn't sensitive to which WAN is used. What I'm wondering is if the load-balancer only sees the traffic that goes through it, or if it considers ALL traffic through the relevant WANs? For instance if I'm doing a heavy FTP transfer on WAN1, will the load balancer "notice" that and tend to route other traffic to WAN2 - or will it continue trying to split load balanced traffic equally thus perhaps overloading WAN1, or at least slowing down the traffic assigned to it, while WAN2 remains under-used?

    0
  • K

    The first rule that matches in the firewall will take effect (which ever gateway group you've defined in the rule)

    0
  • G

    @KurianOfBorg:

    The first rule that matches in the firewall will take effect (which ever gateway group you've defined in the rule)

    I'm aware of that; as far as I can tell, it's not really relevant to my question. If I'm wrong, can you explain why?

    0
  • Rebel Alliance Developer Netgate

    It's completely relevant. The use of load balancing or failover for Multi-WAN is governed by firewall rules. Traffic doesn't pass "through" the load balancer in the way you imply. It also doesn't adjust itself based on traffic load.

    You just need multiple Gateway Groups, one for LB, and one that prefers each WAN.

    Then use firewall rules like so:

    pass from (lan subnet) to stuff_for_wan1 using the PreferWAN1 gateway group
    pass from (lan subnet) to stuff_for_wan2 using the PreferWAN2 gateway group
    pass from (lan subnet) to any using the LoadBalance gateway group

    The bandwidth of a client connection has nothing to do with how it's balanced between WANs. Balancing happens in a pure round-robin manner, adjusted by the weighting configured for a gatway, on a per-connection basis. It can't tell the difference between a download and a web page load, it would just send them out whatever WAN was due to be used at the time.

    If you have the default weights configured, and everything load balanced, you'd see something like this:

    Connection 1 -> WAN1
    Connection 2 -> WAN2
    Connection 3 -> WAN1
    Connection 4 -> WAN2
    Connection 5 -> WAN1
    Connection 6 -> WAN2

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy