Can I do this with pfsense SSL HTTP Load balancing



  • I am looking for a opensource appliance that can perform the function of load balancing internal webservers and providing ssl for them.

    Such as

    –---server1 http/https web server
                                  Firewall
    WAN/Internet          (hopefully pfsense)                            -----Server2 http/https web server
                                Provide ssl cert and loadbalance
                                  To the following webservers                -----Server3 http/https web server

    Hopefully pfsense can pull this off.  We are currently running Barracuda loadbalancers but they are continually having problems lately(hard crashes on existing boxes and they sent us a defective new one).  Hopefully pfsense has this ability so we can get away from barracuda.  Let me know what you guys think.



  • When you say provide SSL for them, do you mean you want to off load the SSL processing, so your webserevrs only do http, i.e. the load balancer handles all the SSL for you as well as the balancing?

    Regards

    Ben



  • Ben,

    That is exactly what im looking to do.  The firewall basically handles the loadbalancing and also hold the cert keys for https.  The servers just run http.



  • I have used a program called pound to do exactly this kind of load balancing and SSL off-loading. Its in the FreeBSD ports tree, so I imagine it would run just fine on pfSense. I don't actually run it on my pfSense servers as it happens.

    You can find it here :-

    http://www.apsis.ch/pound/

    Regards

    Ben

    [Edit to correct typo]



  • Cool thanks Ben.  I will see if I can get it up and running on our test network.


Log in to reply