Hello, do you deploy by any means ADSL from different providers? We had this scenario and the problem is that lot's of companies (gMail, hotmail, msn, ms-technet, etc.) do use CDN's with different access points for different providers. Now when you get to http traffic, in our case it happend that some requests went through provider one, and some requests (images, etc.) to the CDN with IPs for provider one over provider two, and voila, web hangs because those IPs are not accessible over provider two.
What we had to do is limit ADSL lines in the same group to the same provider. If that's not an option you can do some rule based routing and say group of users x use adsl x, y use adsl y. and you can do failover groups to protect against outage, but, at least with my knowledge, that's about it ... best regards, Raimund ----- Original Message ----- From: "John O'Neill" <[email protected]> To: [email protected] Sent: Viernes, 25 de Enero 2013 23:35:54 Subject: [pfSense] Multiwan Round Robin - http traffic slow and sometimes failing Hi all, I have an issue with our pfsense install I am hoping someone might be able to help me with. Out current set up is we have three wan connections all running over adsl. These three wan settings are configured in a gateway group with each interface having been assigned a DNS server (Google Publin DNS x 2 and BT Name server x 1). Each interface is tier 1 in the gateway group In the Gateway status all interfaces are showing as up and in diagnostics a ping to 8.8.8.8 is successful from each interface. Ping traffic and even SIP traffic will pass out the pfsense device without issue using the multiwan setup, I can see this in the states table. However, http traffic is slow to respond and sometimes just fails completely. I have checked and none of the interfaces are configured as default but when I go into the shell and run netstat -r I can see that the wan interface is down as default. We are using 2.0.2-RELEASE (i386)/FreeBSD 8.1-RELEASE-p13 Does anyone have any ideas on why this would be happening to http traffic ? -- Cheers John _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list --
_______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
