Sticky connections - Multi WAN

  • Just a couple quick questions on this.

    1. Do I have to restart pfSense after enabling this for it to take effect?
    2. What would be the recommended time to keep states?

    This morning I enabled it with a 5 second timeout, and I had a user still unable to login to her banking website….

    Do I need to set the time higher? Do I need to reboot pfSense before it takes effect?


  • https will always have issues when load balancing.

    a) create a gateway group: failover_https (different tiers)
    b) create a PASS rule on LAN (on top), with dest-port: https, gateway: failover_https

  • Thanks Heper….once again!  :)

  • I'm not sure what you accomplished Heper?  Are you saying pass all https traffic Wan 1 or 2, not balanced? If not, different tier relative to what, the load balance tier 1?  I have the same issue.  I first plopped a Lan pass rule putting all https on Wan2 just above the loadbalance catchall (Wan1+2) at the bottom. Problem is Netflix is on https so the balance becomes very imbalanced.

    Another issue is dynamic "per ip" rate limiting. I limit, on the loadbalance rule, with values just below the aggregate of Wan1+2, both having an equal provision. However, load balance is never equal and gets more unbalanced when sticky connections are applied, so the modem buffer gets hit on occasion, increasing latency during high load.  I can't figure out a way to apply separate limiters on each WAN and still load balance both WANs.

