Well, I am not sure, but I think it's not *impossible* to do, as a matter of fact, there are quite some docs in the wiki and the forums.
Basically what you can do is: configure a different network between the ADSL/Cable router and your own, e.g. 10.10.1.0/28 with IP 10.10.1.14 for the ADSL and 10.10.1.1 for the pfsense router, as well 10.10.2.0/28 with IP 10.10.2.14 for the Cable modem and 10.10.2.1 for the pfsense router. than you create the interfaces / gateways in pfSense and you create a gateway group (or more, one loadbalancing, one a2b failover, one b2a failover). and set your rules accordingly. You may investigate in setting the connections to sticky so the connection sticks to one of the outgoing routers. You may also investigate possible DNS Problems, e.g. content from akamai is not reachable over B when the IP Adresses come from A, so you would have to send traffic to services like akamai over one line. because you use a 10.10.x.0/28 network you have 14 useable addresses which you can use for carp, so basically set 10.10.1.1 and 10.10.2.1 as the virtual IP's and use 2 and 3 for the real IPs you need for Carp, therefor solving the problem with the IP Addresses. best Ray ----- Original Message ----- From: "Adam Thompson" <[email protected]> To: "pfSense support and discussion" <[email protected]> Sent: Martes, 20 de Marzo 2012 4:09:46 Subject: Re: [pfSense] How to Load balance and Failover 2 ISP's The only way you’d be able to load-balance between the two connections (as far as I know) would be to introduce a * third * router that treats the two existing ones as equal-cost paths. However, because they will emit different IP addresses, you’ll find that this doesn’t actually work. I don’t know of a way to accomplish load-balancing with pfSense. Failover is easy, just plug both connections into a single pfSense router/firewall and configure appropriately. Failover is a very different animal from load-balancing unless you’re an ISP running BGP, in which case suddenly they look a lot alike. RAD used to have a proprietary product that did this, but it looks like it’s long gone. Adtran’s NetVanta routers support (somehow!) equal-cost load-balancing, but I can’t imagine they work any better than any of the other solutions for this problem have historically. The only way I can think of using pfSense to load-balance is manually, by creating advanced NAT rules that direct the traffic of * some * internal IPs out to ISP#1 and * other * internal IPs out ISP#2. No single IP would be able to use all the bandwidth of both, but two computers (if they were the right two!) could each use up all of the bandwidth on one ISP connection each. AFAIK, to use CARP, you need 3 static IP addresses on each connection. At least, that’s the way I’ve always set it up. So once again, you’re asking for the impossible. As I mentioned above, however, you * can * plug both the DSL and the cable connection into a single pfSense router and get automatic failover between the two connections. Looking at your diagram, anything beyond that can’t (reasonably) be done. (And, really, you can afford the labour to implement HA Exchange and all this complexity, but you can’t afford to upgrade to a single Comcast or Verizon business-grade connection??? Either you work for peanuts, or maybe someone in your office can’t do basic math.) -Adam Thompson [email protected] (204) 291-7950 - direct (204) 489-6515 - fax From: [email protected] [mailto:[email protected]] On Behalf Of Steven Anderson Sent: Monday, March 19, 2012 8:19 PM To: [email protected] Subject: [pfSense] How to Load balance and Failover 2 ISP's Greetings! I previously tried to post to this group but for some reason it failed. So here I go again. I own 2 pfSense boxes each is attached to an ISP one cable and one dsl. I have dynamic addressing. A single address on each connection (something I can not change too cost prohibitive unfortunately) I would like to Load Balance between the two ISP's utilizing the fail-over carp feature for the pfsense boxes. I do not know how to combine the two these things (Loadbalancing/Failover) . I am not even sure it is possible. Help would be appreciated, I will return the favor by making a video/write up on exactly how to do it. Thanks in advance for the help. My configuration diagram can be found here: http://www.scribd.com/doc/85847217/My-Configuration regards, hikenboot _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
