Did you create the load balancing pools as described here --> http://doc.pfsense.org/index.php/Multi_WAN_/_Load_Balancing , also if manually edit rules, it might break the webGUI.
On Mon, Jul 6, 2009 at 4:42 PM, Winelfred G. Pasamba < [email protected]> wrote: > thanks. i think i had some of this kind of weirdness too in pfsense > using pf.conf manually > to load balance without failover -- i couldn't get to the internet on > the loadbalancing machine > although the loadbalancing was working from the internal network. > > looks like ip is loadbalanced but tcp is the problem. > > http://www.tipsternet.com/articles/advance%20routing.htm looks helpful > it says "Tip: Keep your router as a router. Don't start sticking > applications and services on it. Locally generated packets may seem to > work the same but they are exempt from certain routing logic and > manipulations." > > looks like better run squid in another box > > On Mon, Jul 6, 2009 at 3:44 PM, Alec Joseph Rivera<[email protected]> > wrote: > > Winelfred G. Pasamba wrote: > >> i'm been trying this "ip route add ... equalize..." thing. sometimes > >> it works, sometimes it doesn't. > >> > > The thing with this is if you're testing from a single station you won't > > see much. But if you have many stations, looking at the outbound routes > > will show you that it works. It doesn't make sense for the router to > > keep on switching gateways, even if say gateway A is unresponsive for a > > while (not that long). It's the way IP works, it allows for delay. Try > > to get around this mechanism is usually not a good idea. Normal users > > won't notice a lot of disruption on the traffic anyway if setup > correctly. > >> however failover is automatic and looks like it works. i can unplug > >> any of the routers and after some time all the pings to different > >> hosts work again. (dead route detection) > >> > >> i also see pings to google going out of routerA and pings to facebook > >> going out of routerB, which means routes are distributed. > >> > >> despite of successful pings i can't telnet to port 80 of google or > >> facebook, and i wonder why? > >> > >> > > TCP Sessions are the key here and complicates the setup a bit. This is > > related to what the target sees on the source ip of the packets. You > > should look at netfilter's conntrack and packet mangling capability. > > > >> > >> > >> On Fri, Jul 3, 2009 at 7:22 PM, Alec Joseph Rivera<[email protected]> > wrote: > >> > >>> Try looking for LARTC on googs. It's got a lot of examples to help you > >>> achieve what you want. > >>> > >>> Agi > >>> > >>> Nelson Serafica wrote: > >>> > >>>> I have 2 isp provider (ISPA and ISPB) and I have 1 machine. The 2 isp > >>>> provide a modem/router and both of them hook up on the same switch. I > >>>> called it "PUBLIC SWITCH". My web server was connected also on the > >>>> PUBLIC SWITCH and use ISPA provided ip address and its gateway. > >>>> > >>>> What I want to do is also use ISPB on the same server. I have only 2 > NIC > >>>> (1 on PUBLIC SWITCH and 1 on my private network) on my webserver. But > >>>> since it was connected on the PUBLIC SWITCH, I can use ISPB. > >>>> > >>>> I put ip address provided by ISPB as virtual (ifcfg-eth0:1) and the > >>>> metric gateway was 1. But I think this won't work as expected. > >>>> > >>>> Is there a way wherein I can use both ISP and their provided ip block > on > >>>> my web server (just like a router)? My client is on a tight budget and > >>>> don't want to purchase another machine just for a load balancer. But > >>>> purchasing another NIC card is ok. > >>>> > >>>> The OS is CentOS 5.3 with kernel 2.6.18-128.el5. Upon Googling, there > is > >>>> a patch on the kernel on how to do this but it seems old. Just asking > a > >>>> recommendation on the list who is expert to this. > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > http://lists.linux.org.ph/mailman/listinfo/plug > Searchable Archives: http://archives.free.net.ph > -- http://jangestre.wordpress.com
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
