#1  
Old 23rd November 2011, 02:02
3zzz 3zzz is offline
Junior Member
 
Join Date: Jan 2008
Location: California
Posts: 18
Thanks: 0
Thanked 1 Time in 1 Post
Default PFsense load balancing how?

I would like to try PFsense for load balancing web servers, but I spent all day trying to set up a test bed on my LAN and haven't been able to get it to work.

http://www.howtoforge.com/how-to-use...ur-web-servers

I tried setting up a new pfsense box and then setting up the virtual according to the above "how-to". For testing, I would like to set this all up on the LAN. When I do that, the virtual address is never ping-able and I can't connect to the virtual server or failover, even though the status says it is up.

So I tried creating a second private network 192.168.2.X and using that as the WAN, and doing that, I was able to ping the virtual ip, but it still would not serve from the web servers no matter what.

Is it possible to set up PFsense load balancing for testing all within a single (LAN) subnet, and if so how?
TYVMIA
Reply With Quote
Sponsored Links
  #2  
Old 23rd November 2011, 22:52
3zzz 3zzz is offline
Junior Member
 
Join Date: Jan 2008
Location: California
Posts: 18
Thanks: 0
Thanked 1 Time in 1 Post
Default

Quote:
Originally Posted by 3zzz View Post
Is it possible to set up PFsense load balancing for testing all within a single (LAN) subnet, and if so how?
I have the basic test bed working now and wanted to document my progress;
incidentally this is all inside a single ESXi5 VM Host.
My LAN (the real LAN, not the PFSense test bed LAN) is 192.168.1.0/24 with the gateway 192.168.1.1

Pfsense: WAN IP 192.168.1.104
Pfsense: WAN GW: None (this was key!)
Pfsense: LAN IP 192.168.2.1
Pfsense: Load Balancer Virtual IP: 192.168.1.104

Pool Server1: IP 192.168.2.10
Pool Server1: GW 192.168.2.1
Pool Server2: IP 192.168.2.20
Pool Server2: GW 192.168.2.1

Now when I access from my desktop's browser to http://192.168.1.104 I see the web content served from the pool servers!

Notes:
1) The LoadBalancer Virtual server IP matches the PFSense WAN IP.
2) The pool servers use PFSense LAN IP as their Gateway.
3) With the PFSense WAN GW set to the actual LAN GW of 192.168.1.1, the Pool servers then have access to the internet, but in my Desktop Web Browser I can't access the Virtual Server IP until I set PFSense WAN GW to none.
4) If a 192.168.1.X address is added to the pool servers for local accessibility, the Virtual Host stops working.
5) The DNS for the hostname must point to the Virtual Server ip (at least in the case of my websites)
6) If using a non-standard port, it needs to be the same on both the pool and virtual servers (at least in the case of my websites)

Last edited by 3zzz; 24th November 2011 at 02:14.
Reply With Quote
  #3  
Old 28th November 2011, 01:21
neofire neofire is offline
Member
 
Join Date: Feb 2011
Location: Brisbane, QLD Australia
Posts: 35
Thanks: 0
Thanked 1 Time in 1 Post
Default

Hey 3zzz

Sorry i have been away on business and not been able to check up on posts/forums etc, i glad to see you got your test bed working if you have any other questions feel free to message me and i will attempt to get back to you ASAP
Reply With Quote
  #4  
Old 24th May 2012, 19:59
3zzz 3zzz is offline
Junior Member
 
Join Date: Jan 2008
Location: California
Posts: 18
Thanks: 0
Thanked 1 Time in 1 Post
Default trouble with WAN config

hi neofire -
I finally tried to implement my cluster in a live environment yesterday but couldn't get the WAN configured correctly. No matter what, I was not able to ping the gateway from PFSense.

We have a block of static ip addresses and the gateway is within that block but on the ISPs router.

One issue I had was having two gateways with the exact same name. When I'd set the gateway on the assign interfaces page, I chose the gw with the provider's ip address. But on the status interface page, I saw it was using the gateway with the same name but a LAN ip address. Finding the "edit gateways" page seems to be a matter of luck, eventually I deleted the wrong gateway. But even after that was still not able to ping the gateway trying various configurations despite the ISP seeing our side connected (but not passing traffic).

How should PFSense be configured when you have a CIDR block and the gateway falls within the block but is on the ISPs router?
eg if our netblock is
20.20.20.92/28
gw = 20.20.20.93
assigned ips = 20.20.20.94-106

tyvmia
Reply With Quote
  #5  
Old 25th May 2012, 01:31
neofire neofire is offline
Member
 
Join Date: Feb 2011
Location: Brisbane, QLD Australia
Posts: 35
Thanks: 0
Thanked 1 Time in 1 Post
Default

Hey 3zzz

To be honest i have not done much with CIDR,

But from what i have been reading its supposed to be simple to implement pfsense when CIDR is involved.

Can you show me what firewall rules you have on the WAN interface please
Reply With Quote
  #6  
Old 25th May 2012, 19:41
3zzz 3zzz is offline
Junior Member
 
Join Date: Jan 2008
Location: California
Posts: 18
Thanks: 0
Thanked 1 Time in 1 Post
Default

thanks neofire!
I have a whole bunch of rules, tried configuring everything before I plugged in - maybe that was my mistake. Should I post the XML for them?
The only rules that are blocking things are "RFC 1918 networks" and a list of "banned" ip addresses that gave us trouble in the past. Everything else is set to allow / forward to various internal addresses.
I'm planning to give it another shot, probably on Monday with a minimally configured PFSense and see if I can't at least get online and ping the gateway.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Question about PFSense Load Balancer 3zzz HOWTO-Related Questions 13 2nd December 2011 01:57
High Availability (Load Balancing) behind a firewall geek.de.nz Server Operation 7 4th January 2011 13:58
libWand.so.10 error Taxick Installation/Configuration 8 3rd May 2009 01:27
Howto suggestion suse PhP ver 4 + Ver 5 wwparrish Suggest HOWTO 11 7th August 2006 13:29
Load balancing on Fedora Care 4 luxpops HOWTO-Related Questions 1 4th April 2006 18:14


All times are GMT +2. The time now is 12:18.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.