Problem with load balancing
-
I understand, maybe you should give your post sometime, but in you say that it works, so I would like to try it if you dont mind. Thank you.
-
I understand, maybe you should give your post sometime, but in you say that it works, so I would like to try it if you dont mind. Thank you.
Well, i think i have given my post plenty of time, and other post's are getting answered every day, just not mine :(
But maybe this forum is just pretty inactive, sadly..Anyways!
I would be happy to help you! :) - Can you post a drawing/description/screenshot/something else of your setup ? where your clients are connecting from, where your servers are (Those who should be load balanced) and so on.. -
Hello! here is how I would like my network to be, if any change is needed just let me know.
So the thing is, I have plenty of users at the bottom and right now I have 1 pfSense working and recieving all these connections, and what I want is to load balance those user, to the 2 pfSense, maybe I could put another pfSense before the other 2, that is basically, so in comparisong to your network, your two webservers would be my 2 pfSense, so would I need a third? or just those 2?, I am using pfSense 2.0.2. Thanks for your help!! :D
-
oh, BTW, I have 4 Vlans on the LAN interfaces, my pfSense gives internet to students, using captive portal, certificates, RADIUS etc. Can the pfSense load balance through Vlans?
-
Oh dear, that is totally different from my setup, i only have 1 Pfsense box.
I don't think i can help you here, since i have not been playing with multiple pfsense boxes before :( but 1 thing i was thinking of as soon as i saw your drawing: Do you have 2 external IP adresses ? since you cant connect a switch to the ISP (Modem/Internet), since the modem normaly only provide 1 IP on each port and the two pfsense boxes would be fighting over it then!
-
I have many public IPs, because the network is for a university. So I can connect 2 pfSense, but I need to load balance the users so they will know where to connect, I cannot connect the 2 pfSense right now, there is only 1 because the users need to know where to connect.
this would the network, I made some changes. Could you anyway tell me please who you configure your pfSense, ty :D
-
Ok,
About the dual pfsense setup i cant help you at all.But regarding the load balancing, maybe :)
is it your LAN clients that has to connect to a load balanced server pool?
If yes, i would do the following:(The fields that i do not specify in this "guide" is like a description, or something that has to stay default.)
Example LAN subnet: 192.168.0.0/24
1. Create a CARP VIP with the ip of (in this example, modify to your needs): 192.168.0.100/24 on LAN interface.2. In services > Load balancer: Create a new pool.
Mode: Load balance
Monitor: ICMP (easy for testing (but should make a propper monitor to test your application later), if your servers respond to ping)
port: The port number your applications listens to, and add your servers to the pool lets say 192.168.0.101 and 192.168.0.102.3. In services > Load balancer: Create a new virtuel server. Port: same as in step 2, Virtual server pool: choose the pool you created in step 2. Relay protocol: TCP, IP address: (This is the part I had wrong) has to be 192.168.0.100 for internal clients, or your WAN IP if external clients should be able to visit.
4. In Firewall > Aliases create:
Name: (Something you can remember, i used in the next step!)
type: hosts
Add the IPs of the same servers you specified in your pool in step 2.5. In Firewall > Rules create:
Interface: LAN (LAN if choosen internal clients in step 3, or WAN for external clients in step 3)
Protocol: TCP
source: Any (if choosen LAN clients in step 3, you should be able to set this to "LAN subnet", but for testing choose any!)
Destination: choose "single Host or alias" and write the name of the Alias you created in step 4.
Destination port range: port of your application, i think you can choose any to make testing easyer here!That is what i would have done, but i cant say if this would work but it is worth a try :)
Hope this helps! - Good luck, and let me know how it works out!
Any questions, feel free to ask
(Btw, there might be some typos in my post, i did not reread it.) -
thank you so much, I will try it later, because for now I can´t run tests, so I would let you know whatever happens, btw by internal hosts you mean the users? those users are the ones that I am creating this service for, so I think they are my internal hosts right? now this configuration where should I make it? in a third pfSense? or in any of the 2 that are in the picture? Do I have to connect these 2 directly?? meaning with a crossover cable? because carp needs it. TY.
-
thank you so much, I will try it later, because for now I can´t run tests, so I would let you know whatever happens, btw by internal hosts you mean the users? those users are the ones that I am creating this service for, so I think they are my internal hosts right? now this configuration where should I make it? in a third pfSense? or in any of the 2 that are in the picture? Do I have to connect these 2 directly?? meaning with a crossover cable? because carp needs it. TY.
My guess is to config this in one of them. but if that one goes down, your load balance goes down too. i have no idear how to create load balance on two pfsense boxes at the same time..
And yes, by "Internal hosts" i mean your uers / LAN clients. they will then have to connect to the IP 192.168.0.100 to get load balanced to your servers
-
ok, I will try this configuration thanks for your time, when I do the changes I will let you know. Maybe on sunday I will make them, because I cannot turn down the machine on the week…