Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Incoming Load Balancing without SNAT?

    Scheduled Pinned Locked Moved NAT
    1 Posts 1 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      newk
      last edited by

      Is there any way I can load-balance incoming SMTP across a pool of mail nodes, but still retain the original source IP on the packets??  I'm unable to find anything in the interface, nor any relevant search results here in the forum or elsewhere. :(

      I've set up to test pfsense 1.2-BETA-2  to load-balance a mailcluster, but all incoming connections to the servers show source IP as the inside (server-side) of the pfsense box, NOT the source IP of the incoming SMTP connection.  This tends to defeat a great many antispam measures that depend on properly identifying the source IP of each inbound message.

      Since it effectively anonymizes incoming connections for me this way, I wouldn't want to use it for anything in production.  (all public-accessible services have source IPs logged, for example)  I'm hoping there's something simple (or complex) I've missed that will omit the SNAT.

      j

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.