Failover config and monitor



  • I did not post this in the failover forum since it's description implied it was specifically for multi-WAN setups.

    I have some questions about the failover configuration under Load Balancing:

    1. How is the "Pool Disabled" list of IPs used?  Is that just an easy way to temporarily "turn off" a member of pool just to allow it to easily be added back later without retyping the IP?

    2. When I configure the Virtual Server, the IP address clients request will be my WAN IP address.  However, this is not a static address(although it does have an external DNS that resolves to the dynamic address, and it very rarely changes).  So Pfsense's WAN interface is set to DHCP and thus the IP is left blank.  This would be the IP address clients send requests to, and request to port 80 from the WAN would be handled by the load balancer.  Should I leave the IP address entry under Virtual Server empty, to get it to use the IP address assigned to the WAN interface?

    3. If I want automatic failover with no load balancing, then I would set Mode==Load Balance but put only on IP in the primary pool and one IP in the failover pool?  I assume Mode==Manual Failover is something where I would have to flip a switch to direct traffic to the Failover Pool as-needed, maybe for maintenance windows?

    4. The Load Balance config has a port option, and the Monitors also have a port option(which is left blank).  Does creating a new monitor with an explicit port allow you to have: a Load Balance port that client requests are served with, and a monitor that sends monitoring requests to a different port?  For example, if I wanted to implement a service that listens on a different port than the web service, so that my custom service on the load balanced servers can do application level monitoring and report the application as down even if the server is still up.  In this case each server would be running the web service on port 80, as well as another service on a different port that responds to monitoring requests.

    Thanks.


Log in to reply