Load Balancing in PFSense



  • Hi
        We have a requirement where we need to build an active/standy set up for Application servers.Already we have configured active/active setup for servers in PFSense firewall through Load balancer.

    When we try to create a similar configuration for Active/Standy setup we are not able to make it successfully.

    Steps we tried while implementing Active/Standby configuration

    1. Created two pools in Load balancer
    2. Created a virtual server with Public IP
    3. Created a Fall Back Pool in Virtual Servers (For standby)

    But still servers in both the Pools acts as Master and creates a confusion during code deployment.

    We want a particular server to act as Master and when it goes down slave should take the control and should process the code.We do not want both the servers to pick the code and process it simultaneously.

    Kindly provide suggestions or ways to achieve this setup.



  • Guys
              Is there any option or feasibility for having the above set up in PFSense?



  • You don't say whether you're using the HAProxy package or not - I'm assuming so, in which case, here's a link:

    https://www.thekua.com/atwork/2009/04/active-passive-load-balancer-configuration-for-haproxy/



  • This video is what I used to help me set up Load Balancing and Failover.

    It has load balancing and fail over. It's with Dual Wan. Hopefully that is what you are doing. After all is said and done the simple test to see whether it is working is to either unplug or disconnect one of them. Oh yeah, turn your volume down, because the video has unnecessary music playing.  If you don't like clicking links like me then just search for these terms. "DUAL WAN ON PFSENSE 2"

    Youtube Video



  • I don't believe it's about multi-wan.

    haproxy is indeed an option to do traffic balancing and or failover functionality for multiple webservers running on the local/dmz network.

    Its possible to configure two servers and mark one of them as the backup, that way traffic will always go to the primary server. you might also want to configure some advanced options to shutdown sessions to backup when primary comes back. checkout the haproxy manual for the exact syntax.



  • For whatever reason I was thinking about HAVP because you can also make a proxy with that when it worked anyways. I can't wait to start using pf again. I was running it virtually but my stubborn internet security forgets the ip of my main Lan now so it's pointless until I can run it on hardware. I wish that I could give up my internet security program but it's been the absolute best solution that I have used so far.

    http://www.emsisoft.com/en/software/internetsecurity/?id=12431127

    http://download.emsisoft.com/EmsisoftInternetSecuritySetup_12431127


Log in to reply