Is it possible to load balance replies to web requests that have come in on one WAN?

  • I've read the book, and can't see how to do it. It doesn't say much about replies, just that they don't need firewall rules. We're low on upload bandwidth and I would like our webserver to distribute its replies across multiple WANs (ADSL and 3G dongle).

  • Rebel Alliance Developer Netgate

    No, that would not work.

    The reply has to leave with the same IP/port combination that it came in on, and your ISP on the other link would likely drop that traffic even if it could go out the other way, since it is not their subnet/IP to route.

    In order for a reply to go out another WAN, the request would have to come in on the other WAN.

    It may be possible to do that via DNS trickery (round-robin DNS) but it wouldn't be perfect, and not something you can really manage in the firewall.

    So long as you have a port forward to the web server on both WANs you should be able to reach it, assuming your 3G link isn't behind NAT already. Many of them are, so you couldn't take inbound connections on there.
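
The behaviour described in the reply above, as an added example that is not part of the original thread: a small Python model tracing a reply through the ISP's source-address check and the client's connection matching. The addresses are constructed from documentation ranges, and the model assumes each ISP filters on the prefix it assigned, which the reply only calls likely.

```python
import ipaddress

# Constructed sample addressing (RFC 5737 documentation ranges), not from the thread.
WANS = {
    "adsl": {"ip": ipaddress.ip_address("198.51.100.20"),
             "isp_prefix": ipaddress.ip_network("198.51.100.0/24")},
    "3g":   {"ip": ipaddress.ip_address("203.0.113.45"),
             "isp_prefix": ipaddress.ip_network("203.0.113.0/24")},
}
CLIENT = (ipaddress.ip_address("192.0.2.10"), 51000)


def isp_accepts(wan, src_ip):
    """Assumed source-address validation at the ISP edge: only forward packets
    whose source belongs to the prefix that ISP assigned to the customer."""
    return src_ip in WANS[wan]["isp_prefix"]


def client_accepts(request, reply):
    """A TCP client matches a reply to its connection by the full 4-tuple,
    so the reply must be the exact mirror of the request."""
    return (reply["src"], reply["dst"]) == (request["dst"], request["src"])


def deliver_reply(in_wan, out_wan, rewrite_source=False):
    """Trace a reply to a request that arrived on in_wan and is sent out out_wan.
    rewrite_source models NATing the reply to out_wan's own address."""
    request = {"src": CLIENT, "dst": (WANS[in_wan]["ip"], 80)}
    src_ip = WANS[out_wan]["ip"] if rewrite_source else WANS[in_wan]["ip"]
    reply = {"src": (src_ip, 80), "dst": CLIENT}
    if not isp_accepts(out_wan, src_ip):
        return "dropped by ISP: source not in its prefix"
    if not client_accepts(request, reply):
        return "dropped by client: no matching connection"
    return "delivered"


def run_cases():
    return {
        "same WAN": deliver_reply("adsl", "adsl"),
        "other WAN, original source": deliver_reply("adsl", "3g"),
        "other WAN, source rewritten": deliver_reply("adsl", "3g", rewrite_source=True),
        "request arrived on 3G": deliver_reply("3g", "3g"),
    }


if __name__ == "__main__":
    for case, outcome in run_cases().items():
        print(f"{case}: {outcome}")
```

Only the cases where the reply leaves on the WAN the request arrived on are delivered, which is why spreading load across links has to happen at the point where clients pick an address, such as round-robin DNS.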

