I'm looking to set up pfsense as a load balancer on my network. I'm planning on
running with 2 appliances mirroring each other with the carp functionality. So
I have 2 carp IPs currently:
X.X.X.1 (LAN carp)
Y.Y.Y.196 (WAN carp)
Additionally I have:
X.X.X.3 (LAN address)
Y.Y.Y.198 (WAN address)
Y.Y.Y.196 has 443 opened and stunnel is bound to that IP/PORT
X.X.X.1 is bound by haproxy on port 8443
I set up stunnel to direct traffic to X.X.X.1:8443
From 'the world' I can see incoming connections hitting stunnel and then
time out on the forward to X.X.X.1:8443
After doing some digging I realized that *from the pfsense console* I cannot
telnet into the ports open on *any* carp address.
i.e.:
telnet X.X.X.1 8443
telnet Y.Y.Y.196 443
Neither work from *the appliance* but both work from their respective networks
(other machines on the LAN network, and the public internet).
I can't run the service on a non-carp address because I'll lose the HA
functionality.
Additionally when I run haproxy on the LAN address for some reason I end up in
an infinite redirect loop. I think I can get to the bottom of that but it's
critical to run these services on the carp addresses first.
Any help/tips?
Travis Hansen
[email protected]