[SOLVED] Load balancer in the same network
-
Hi.
I created some Virtual Servers in the Load Balancer service on my pfSense system for some servers in the SRV network.
Everything works when using the Virtual Servers with WAN IP addresses and connecting from the WAN, but the load balancer with SRV IP addresses, connecting from the SRV network, doesn't work.
So I read the document on https://doc.pfsense.org/index.php/Inbound_Load_Balancing and realized that I cannot connect to virtual servers from the same network on which the real servers reside.
This is a very big problem for me, so the same document tells about some manual outbound NAT rules to make it work. So I tried to create a manual outbound NAT rule as follows:
- Interface: SRV
- Protocol: any
- Source: network 192.168.70.0/24 (the SRV network)
- Source port: empty
- Destination: network 192.168.70.10/32 (the IP address of the load balancer virtual server for SRV network)
- Translation: network 192.168.70.254 (The CARP virtual IP address for the SRV network)
But it does not work.
Could you help me to find out the correct rules I have to configure, please?
Thank you very much!
Bye
-
None. Traffic on the same subnet does not go through the firewall.
-
None. Traffic on the same subnet does not go through the firewall.
Yes, I know.
But 192.168.70.10 (the load balancer virtual server on SRV network) is a virtual IP address on the firewall, so its traffic goes to the firewall and enters the load balancer.
Anyway, I solved it. The outbound NAT rule was wrong. The correct one is:
Interface: SRV
Protocol: any
Source: network 192.168.70.0/24 (the SRV network)
Source port: empty
Destination: network 192.168.70.21/32 (the IP address of the server in the load balancer - I have to create one rule per server)
Translation: network 192.168.70.254 (The CARP virtual IP address for the SRV network)
Thank you very much!
Bye
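
Why the rule matching the virtual server never fired while the rule matching the real server works, as an added sketch that is not part of the original posts or pfSense code. It assumes the load balancer rewrites the destination before outbound NAT is evaluated on the SRV interface; the client address 192.168.70.50 is a constructed sample.

```python
# Simplified model (an assumption, not pfSense code): the load balancer
# rewrites the destination when the packet enters the firewall, and outbound
# NAT is evaluated afterwards, when the packet leaves on the SRV interface.
from ipaddress import ip_address, ip_network

VIP = "192.168.70.10"        # load balancer virtual server (from the thread)
POOL = ["192.168.70.21"]     # real server (from the thread)
CARP = "192.168.70.254"      # CARP VIP used as the translation address
CLIENT = "192.168.70.50"     # constructed sample client on the SRV network

def rule(dst):
    """Outbound NAT rule on SRV: source 192.168.70.0/24, given destination."""
    return {"src": ip_network("192.168.70.0/24"), "dst": ip_network(dst), "to": CARP}

def forward(src, dst, nat_rules):
    """Return (src, dst) of the packet as the real server receives it."""
    if dst == VIP:                       # step 1: load balancer redirect
        dst = POOL[0]
    for r in nat_rules:                  # step 2: outbound NAT, first match wins
        if ip_address(src) in r["src"] and ip_address(dst) in r["dst"]:
            src = r["to"]
            break
    return src, dst

def connection_works(nat_rules):
    """True if the reply reaches the client from the address it connected to."""
    seen_src, server = forward(CLIENT, VIP, nat_rules)
    if seen_src == CARP:
        # Reply goes back to the firewall, which reverses both translations.
        reply_src = VIP
    else:
        # Client is on the same subnet, so the server answers it directly
        # and the firewall never restores the VIP as the source address.
        reply_src = server
    return reply_src == VIP

first_attempt = [rule("192.168.70.10/32")]   # destination = virtual server
working_rule = [rule("192.168.70.21/32")]    # destination = real server

if __name__ == "__main__":
    print("rule matching the VIP:        ", connection_works(first_attempt))
    print("rule matching the real server:", connection_works(working_rule))
```

With several servers in the pool, the same reasoning gives one rule per real server address, as the last post notes.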