RE: [pfSense Support] 050.2 CARP won't go Master or Backup
HI Firstly I didn't have time yet to do another update_file.sh so the problem may already be fixed.. but in the interim: After the update_file.sh I did yesterday morning .. I have an intermittent issue which I think is also related.. ng0 goes down, AND stays down, even after reboots. Doing another upgrade(downgrade) via the web interface to 085.6(.tar.gz) fixed the ng0 down problem. Although I could manually ifconfig ng0 up to bring the route up again but after reboot it would go down again. I suspect carp is not coming up because ng0 doesn't come up? Tx all. Ivan. -Original Message- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 28, 2005 4:19 PM To: support@pfsense.com Subject: Re: [pfSense Support] 050.2 CARP won't go Master or Backup You need to update_file.sh /etc/rc.bootup as well. The carp interfacs are brought up at the very end now. Scott On 9/28/05, Frimmel, Ivan (ISS South Africa) [EMAIL PROTECTED] wrote: Ok, so I spent sometime on this, this morning. One of the problems I had yesterday during update_file.sh (on 085.4).. it somehow broke OPT1(sync) and kept making it disabled. So carp would never come up, once I got this sorted by going to 085.6 I could go forward. So .. 1) I brought router2 back up and did all upgrades and reconfigured CARP; 2) CARP still behaves badly 3) Did another update_file.sh after 085.6, CARP haves badly. It may go master/backup first time, but when doing disable/enable it stays init on BOTH routers. I dropped to a shell .. and simply did a ifconfig carp0 up on both. CARP comes up in the appropriate mode(master/backup) and virtual IPs work again as expected. i.e. this fixes the issue. Disable/enable button breaks it again. i.e. a working server as Master will go back to init after hitting enable/disable. Hope this helps? Ivan. -Original Message- From: Holger Bauer [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 28, 2005 1:49 AM To: support@pfsense.com Subject: AW: [pfSense Support] 050.2 CARP won't go Master or Backup ok, I have experienced some strange problems bringing up CARP-Interfaces here as well (quite reproducable but also a bit sporadic). Scott did several changes and he finally came up with something that now is running on my systems without any problems any more (my systems are also syncing via a crossover-cable, no switch in between). Ivan, if you can please crosslink your systems again and do a update_file.sh /etc/inc/interfaces.inc on both system before testing again. To have a switch between two machines is needed if you have more than 2 machines in the cluster but with only two machines it's an additional point of failure if the switch dies or only has powerfailure. Syncing should work with crosslink-cables too. So if you can give it a try and report back we would appreciate it. Thank you in advance, Holger -Ursprüngliche Nachricht- Von: Bill Marquette [mailto:[EMAIL PROTECTED] Gesendet: Dienstag, 27. September 2005 20:20 An: support@pfsense.com Betreff: Re: [pfSense Support] 050.2 CARP won't go Master or Backup On 9/27/05, Frimmel, Ivan (ISS South Africa) [EMAIL PROTECTED] wrote: HI PPPoe is on WAN .. CARP is on LAN with carp sync on OPT1. OK so you guys are going to laugh at me. I do feel stupid. As a fault finding procedure and just to get connectivity back I halted router2, which is UTP crossed over connected to router 1 on OPT1. So OPT1 (carp sync) is down. (no link since you need both nic up to have link). CARP will NOT come up without link on OPT1. My suggestion in terms of best practice is to have a switch on OPT(sync) when using CARP. It has wasted a lot of my time and it IS my fault cause I was cheap just using cross over cable. Tx all .. Hrm...I'll have to test this out at home :-/ At work everything is always plugged into a switch (the machines are miles apart), but at home I'm using a crossover cable for the dedicated sync network. But I didn't think that CARP would stay down forever if the sync interface was down :-/ --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For
[pfSense Support] LB and pre-emption on CARP?
HI The setup: Router2 Secondary PPPoe WAN - 172.16.24.125 - | | - Virtual 172.16.24.124 Router1 Primary | PPPoe WAN - 172.16.24.126- A few quick questions please .. 1) What does the load balancing option in CARP page do? 2) If load balancing is enable on the CARP page do we still have to setup the LB service? 3) In the LB service .. do I setup the virtual IP(124) into the LB pool ( LAN GW to WAN ? ) Or do I use the 2 physical GW IPS of the routers (125 and 126)? 4) If I use pre-emption, one is master another is slave, does it still LB? It seems from the reading room .. only masters LB? i.e. to LB using CARP pre-emption needs to be off so you can have 2 masters? While the tutorial is helpful, it doesnt really clarify how this stuff all ties together tx Ivan.
[pfSense Support] 802.11q vlans
This might be off topic but I am flummoxed by the problem so I thought I would ask. Configuration Pfsense Lan with 3 vlans and lan as parent. Switch with vlan 1 through to 4 enabled Port 2 is setup on switch with all vlans and is plugged into lan on pfsense. Then the other ports are allocated to individual vlans. The communications across vlans looks fine on the switch itself(traffic seems to only flow within members of the vlans) The switch is a 3com 3300xm Lan | | Port2 on switch-port 4 on switch vlan 3--win XP | | port 3 on switch vlan 2 | | WinXP
Re: [pfSense Support] 802.11q vlans
At 05:28 AM 9/29/2005, you wrote: This might be off topic but I am flummoxed by the problem so I thought I would ask. Configuration Pfsense Lan with 3 vlans and lan as parent. Switch with vlan 1 through to 4 enabled Port 2 is setup on switch with all vlans and is plugged into lan on pfsense. Then the other ports are allocated to individual vlans. The communications across vlans looks fine on the switch itself(traffic seems to only flow within members of the vlans) The switch is a 3com 3300xm Lan | | Port2 on switch-port 4 on switch vlan 3--win XP | | port 3 on switch vlan 2 | | WinXP i'm using a similar config. you don't say what your config on pfsense is, but are you setting up TWO vlan interfaces on the pfsense? e.g. LAN = fxp0 (or whatever) vlan0 = fxp0 vlan 2 vlan1 = fxp0 vlan 3
RE: [pfSense Support] import monowall xml files
No, m0n0wall config files are not compatible with pfSense anymore. Fortunately, unless you have a massively complex configuration, it should be reasonably straightforward to set up your pfSense box to work as your m0n0wall did without too much drama. -Gary -Original Message- From: Jonathan Woodard [mailto:[EMAIL PROTECTED] Sent: Thursday, September 29, 2005 12:40 AM To: support@pfsense.com Subject: [pfSense Support] import monowall xml files i know this has probably been answered in previous posts but i didn't see them. i'm wondering if / how i can move my monowall xml file over to pfsense. i tried to just restore, thinking that i had seen a previous post saying it was ok, it but killed everything and i had to re-install. i would love to try pfsense and most likely will when i have more time. i just really hoped that all my configurations are not lost when moving over. thanks and i apologize if i wasn't detailed enough. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] 802.11q vlans
Lan | | Port2 on switch- port 4 on switch vlan 3--win XP | | port 3 on switch vlan 2 | | WinXP i'm using a similar config. you don't say what your config on pfsense is, but are you setting up TWO vlan interfaces on the pfsense? e.g. LAN = fxp0 (or whatever) vlan0 = fxp0 vlan 2 vlan1 = fxp0 vlan 3 [alan walters] Yes the vlans are configured on pfsense as you have outlined above. Traffic seems to flow into the correct interface on pfsense but does not get back to the client. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] 1:1 NAT loopback
Well, it's not supposed to work. I'm still not sure how it was made to work in this fashion. But, I can offer one suggestion on a way that it might work. On the outbound NAT screen, you'll need to create a NAT bound to the LAN interface NATing everything from LAN destined for LAN to the LAN IP on your firewall. The problem you're seeing is that the firewall is redirecting you to the server, but the reply traffic from the server is getting sent to your workstations real IP. --Bill On 9/28/05, Simon SZE-To [EMAIL PROTECTED] wrote: Hello, I had read the thread at Aug 26 and found that some pfSense's user able to access 1:1 NATTed service in LAN segment, but when I try it today, it's failed. My testing environment: - the public IP xx.xx.xx.46 1:1 NAT to 10.0.138.9 - proxy ARP the xx.xx.xx.46 - allow any to any access to xx.xx.xx.46 in firewall rule - my workstation IP is 10.0.138.130 - pfSense's IP is xx.xx.xx.42 I did the following steps: - telnet xx.xx.xx.46 110 (of cos. I have POP3 service listening) - I've got connection failed after around 20sec - the states got the following 2 lines: self tcp 10.0.138.130:1941 - xx.xx.xx.42:51404 - xx.xx.xx.46:110 SYN_SENT:CLOSED self tcp xx.xx.xx.46:110 - 10.0.138.130:1941CLOSED:SYN_SENT Thanks! Simon SZE-To - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] 802.11q vlans
Is the switch port configured for tagging, or did you configure it to allow vlans 1-4 to talk to port 2? The VLAN setup in pfSense utilises 802.1q tagging, enabling vlans on a port doesn't necessarily configure that port for tagged frames. --Bill On 9/29/05, alan walters [EMAIL PROTECTED] wrote: This might be off topic but I am flummoxed by the problem so I thought I would ask. Configuration Pfsense Lan –with 3 vlans and lan as parent. Switch with vlan 1 through to 4 enabled Port 2 is setup on switch with all vlans and is plugged into lan on pfsense. Then the other ports are allocated to individual vlans. The communications across vlans looks fine on the switch itself(traffic seems to only flow within members of the vlans) The switch is a 3com 3300xm Lan | | Port2 on switch-port 4 on switch vlan 3--win XP | | port 3 on switch vlan 2 | | WinXP
Re: [pfSense Support] import monowall xml files
This used to work, but our config has significantly diverged from m0n0. I suspect if you used a config from where we forked it'd probably work, but assuming m0n0 changed _anything_ in their config file since then, it's unlikely to convert over. I think we're at the point where either someone needs to make it work, or the restore function rejects a m0n0 config. --Bill On 9/29/05, Jonathan Woodard [EMAIL PROTECTED] wrote: i know this has probably been answered in previous posts but i didn't see them. i'm wondering if / how i can move my monowall xml file over to pfsense. i tried to just restore, thinking that i had seen a previous post saying it was ok, it but killed everything and i had to re-install. i would love to try pfsense and most likely will when i have more time. i just really hoped that all my configurations are not lost when moving over. thanks and i apologize if i wasn't detailed enough. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] 802.11q vlans
At 10:27 AM 9/29/2005, you wrote: Is the switch port configured for tagging, or did you configure it to allow vlans 1-4 to talk to port 2? The VLAN setup in pfSense utilises 802.1q tagging, enabling vlans on a port doesn't necessarily configure that port for tagged frames. --Bill On 9/29/05, alan walters [EMAIL PROTECTED] wrote: This might be off topic but I am flummoxed by the problem so I thought I would ask. Configuration Pfsense Lan with 3 vlans and lan as parent. Switch with vlan 1 through to 4 enabled Port 2 is setup on switch with all vlans and is plugged into lan on pfsense. Then the other ports are allocated to individual vlans. The communications across vlans looks fine on the switch itself(traffic seems to only flow within members of the vlans) The switch is a 3com 3300xm Lan | | Port2 on switch-port 4 on switch vlan 3--win XP | | port 3 on switch vlan 2 | | WinXP i assumed he had all that correct, since he said he could see the traffic going into the pfsense port. i was going to ask the same question, myself. this has to be a config problem, as i'm using this exact same setup. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] 050.2 CARP won't go Master or Backup
No, CARP is on LAN. -Original Message- From: Bill Marquette [mailto:[EMAIL PROTECTED] Sent: Thursday, September 29, 2005 4:22 PM To: support@pfsense.com Subject: Re: [pfSense Support] 050.2 CARP won't go Master or Backup On 9/29/05, Frimmel, Ivan (ISS South Africa) [EMAIL PROTECTED] wrote: HI Firstly I didn't have time yet to do another update_file.sh so the problem may already be fixed.. but in the interim: After the update_file.sh I did yesterday morning .. I have an intermittent issue which I think is also related.. ng0 goes down, AND stays down, even after reboots. Doing another upgrade(downgrade) via the web interface to 085.6(.tar.gz) fixed the ng0 down problem. Although I could manually ifconfig ng0 up to bring the route up again but after reboot it would go down again. I suspect carp is not coming up because ng0 doesn't come up? Are you running carp on an ng interface? I'm surprised this ever works. --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] 802.11q vlans
On 9/29/05, Dan Swartzendruber [EMAIL PROTECTED] wrote: i assumed he had all that correct, since he said he could see the traffic going into the pfsense port. i was going to ask the same question, myself. this has to be a config problem, as i'm using this exact same setup. I agree, which is why I asked the obvious question :) Not everyone realizes that marking a port with multiple vlans doesn't mean that it's a tagged port, just that the machine on that port can see and talk to each of the vlans (untagged). That of course would require pfSesne to support real interface aliases - which we don't (and I'm not yet convinced is required) --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] CARP Master/Backup goes to INIT update
Ahh yes. The DISABLE/ENABLE button needs to be updated. Good catch. I'll fix in a bit. Scott On 9/29/05, Frimmel, Ivan (ISS South Africa) [EMAIL PROTECTED] wrote: HI I just did another update_file.sh .. and re-setup CARP. Doing a Reboot brings CARP up into Master as expected ;) ( I can't turn on the slave to test if it is 100%.. but the behavior seems better) So this part seems fixed. HOWEVER - It still insists on going back to INIT .. when pressing DISABLE/ENABLE button. Ifconfig carp0 up brings it back up. Something is not right in the DISIABLE / ENABLE button script on the CARP page. BTW : DynDns with PPPoE seems to be fixed over the last few releases. Tx Ivan. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] import monowall xml files
Scott Ullrich wrote: We convert m0n0wall configurations on import. We convert the tag names and remove the traffic shaper.But don't expect proxyarp and things of this nature to work. Scott On 9/29/05, Bill Marquette [EMAIL PROTECTED] wrote: This used to work, but our config has significantly diverged from m0n0. I suspect if you used a config from where we forked it'd probably work, but assuming m0n0 changed _anything_ in their config file since then, it's unlikely to convert over. I think we're at the point where either someone needs to make it work, or the restore function rejects a m0n0 config. --Bill On 9/29/05, Jonathan Woodard [EMAIL PROTECTED] wrote: i know this has probably been answered in previous posts but i didn't see them. i'm wondering if / how i can move my monowall xml file over to pfsense. i tried to just restore, thinking that i had seen a previous post saying it was ok, it but killed everything and i had to re-install. i would love to try pfsense and most likely will when i have more time. i just really hoped that all my configurations are not lost when moving over. thanks and i apologize if i wasn't detailed enough. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] I agree with Bill here, I suggest at the very least right now having it reject the monowall file. Since this used to work there maybe more people out there who are trying this and having to just re-install. thanks to all of you for your help, i'll probably install pfsense on a weekend when i have time to redo it all. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] import monowall xml files
Yeah, I've been thinking about this for a bit and I'm starting to think we should just reject m0n0wall files. We've divulged from their codebase enough to warrant it, I think. Scott On 9/29/05, Jonathan Woodard [EMAIL PROTECTED] wrote: Scott Ullrich wrote: We convert m0n0wall configurations on import. We convert the tag names and remove the traffic shaper.But don't expect proxyarp and things of this nature to work. Scott On 9/29/05, Bill Marquette [EMAIL PROTECTED] wrote: This used to work, but our config has significantly diverged from m0n0. I suspect if you used a config from where we forked it'd probably work, but assuming m0n0 changed _anything_ in their config file since then, it's unlikely to convert over. I think we're at the point where either someone needs to make it work, or the restore function rejects a m0n0 config. --Bill On 9/29/05, Jonathan Woodard [EMAIL PROTECTED] wrote: i know this has probably been answered in previous posts but i didn't see them. i'm wondering if / how i can move my monowall xml file over to pfsense. i tried to just restore, thinking that i had seen a previous post saying it was ok, it but killed everything and i had to re-install. i would love to try pfsense and most likely will when i have more time. i just really hoped that all my configurations are not lost when moving over. thanks and i apologize if i wasn't detailed enough. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] I agree with Bill here, I suggest at the very least right now having it reject the monowall file. Since this used to work there maybe more people out there who are trying this and having to just re-install. thanks to all of you for your help, i'll probably install pfsense on a weekend when i have time to redo it all. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] NIC issues
I'm having issues with the following NIC cards: Sun Quad Fast Ethernet - not recognized Intel Pro 100 - recognized, but doesn't seem to work - used it as my LAN interface - connected it back to back with another maching using a X-over cable and configured both on the same net - couldn't access the config page any help would be appreciated JB - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] LB and pre-emption on CARP?
On 9/29/05, Frimmel, Ivan (ISS South Africa) [EMAIL PROTECTED] wrote: [snip] 1) What does the load balancing option in CARP page do? It's a poor way of load balancing based on the HASH AFAIK. From the manpage: net.inet.carp.arpbalance Balance local traffic using ARP. 2) If load balancing is enable on the CARP page do we still have to setup the LB service? I'm pretty sure you will want to go with our load balancing system that uses slbd. 3) In the LB service .. do I setup the virtual IP(124) into the LB pool ( LAN GW to WAN ? ) Or do I use the 2 physical GW IPS of the routers (125 and 126)? See http://wiki.pfsense.com/wikka.php?wakka=IncomingLoadBalancing and http://wiki.pfsense.com/wikka.php?wakka=OutgoingLoadBalancing for examples. 4) If I use pre-emption, one is master another is slave, does it still LB? It seems from the reading room .. only masters LB? i.e. to LB using CARP pre-emption needs to be off so you can have 2 masters? Not really sure. I've never really used the arp balancing feature as I hear that it doesn't do a good job.. But this may have changed recently. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] NIC issues
Quoth J B: I'm having issues with the following NIC cards: Intel Pro 100 - recognized, but doesn't seem to work - used it as my LAN Am currently using a PRO 100 on a Routerboard 230. pfSense 81.4, currently. interface - connected it back to back with another maching using a X-over cable and configured both on the same net - couldn't access the config page any help would be appreciated JB - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- ---MAV Marc A. Volovic [EMAIL PROTECTED] Swiftouch, LTD +972-544-676764 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] NIC issues
the freebsd device name is hme: The hme(4) driver supports the on-board Ethernet interfaces of many Sun UltraSPARC workstation and server models. Cards supported by the hme(4) driver include: * Sun PCI SunSwift Adapter * Sun SBus SunSwift Adapter .( hme. and .SUNW,hme.) * Sun PCI Sun100BaseT Adapter 2.0 * Sun SBus Sun100BaseT 2.0 * Sun PCI Quad FastEthernet Controller * Sun SBus Quad FastEthernet Controller As for the Intel Pro - different system - that system I was using 1 Intel Pro 100 (stand alone), 1 Linksys Fast eth (shows up as dc0) and a 3com 3c509 JB On Thu, September 29, 2005 12:20 pm, Scott Ullrich wrote: That NIC is not supported as far as I can tell. If you know the device name in freebsd please let me know.Try removing the quad port nic and I bet the single nic will work. Scott On 9/29/05, J B [EMAIL PROTECTED] wrote: I'm having issues with the following NIC cards: Sun Quad Fast Ethernet - not recognized Intel Pro 100 - recognized, but doesn't seem to work - used it as my LAN interface - connected it back to back with another maching using a X-over cable and configured both on the same net - couldn't access the config page any help would be appreciated JB - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] NIC issues
Quoth J B: As for the Intel Pro - different system - that system I was using 1 Intel Pro 100 (stand alone), 1 Linksys Fast eth (shows up as dc0) and a 3com 3c509 In my case, the device name is fxp -- ---MAV Marc A. Volovic [EMAIL PROTECTED] Swiftouch, LTD +972-544-676764 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] NIC issues
On 9/29/05, J B [EMAIL PROTECTED] wrote: the freebsd device name is hme: I have added device hme and the kernel is currently compiling. Unless it errors out expect to see this in the next version. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] NIC issues
yes - it shows up as fxp0 - but then I get errors loading microcode - and it just don't work on the network JB On Thu, September 29, 2005 12:38 pm, Marc A. Volovic wrote: Quoth J B: As for the Intel Pro - different system - that system I was using 1 Intel Pro 100 (stand alone), 1 Linksys Fast eth (shows up as dc0) and a 3com 3c509 In my case, the device name is fxp - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] NIC issues
At 01:12 PM 9/29/2005, you wrote: Well - it keeps timing out, I wish I had the machine in front of me so I could send the actual error - but it keeps saying that the microcoad load is timing out sounds like the nic is flaky. i'm running the same NIC on my pfsense (as the LAN) and it works fine... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] NIC issues
I suspect the microcode is borking the NIC.Do you have a newer NIC that you could try? I would rather not remove the microcode support as it works wonders for newer cards. Scott On 9/29/05, J B [EMAIL PROTECTED] wrote: Well - it keeps timing out, I wish I had the machine in front of me so I could send the actual error - but it keeps saying that the microcoad load is timing out JB On Thu, September 29, 2005 1:08 pm, Dan Swartzendruber wrote: At 12:48 PM 9/29/2005, you wrote: yes - it shows up as fxp0 - but then I get errors loading microcode - and it just don't work on the network gets errors. can you be more specific? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] NIC issues
Is there anyway to turn off the microcode on a per/NIC basis? I only have older Pro100 cards - (trying to recycle some old equipment and make it usefull again) JB On Thu, September 29, 2005 1:14 pm, Scott Ullrich wrote: I suspect the microcode is borking the NIC.Do you have a newer NIC that you could try? I would rather not remove the microcode support as it works wonders for newer cards. Scott On 9/29/05, J B [EMAIL PROTECTED] wrote: Well - it keeps timing out, I wish I had the machine in front of me so I could send the actual error - but it keeps saying that the microcoad load is timing out JB On Thu, September 29, 2005 1:08 pm, Dan Swartzendruber wrote: At 12:48 PM 9/29/2005, you wrote: yes - it shows up as fxp0 - but then I get errors loading microcode - and it just don't work on the network gets errors. can you be more specific? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] NIC issues
Not easily. The code detects that you have a fxp driver and then tries to init the code. I suppose we could add a tag to systemdo_not_use_nic_microcode or something... On 9/29/05, J B [EMAIL PROTECTED] wrote: Is there anyway to turn off the microcode on a per/NIC basis? I only have older Pro100 cards - (trying to recycle some old equipment and make it usefull again) JB On Thu, September 29, 2005 1:14 pm, Scott Ullrich wrote: I suspect the microcode is borking the NIC.Do you have a newer NIC that you could try? I would rather not remove the microcode support as it works wonders for newer cards. Scott On 9/29/05, J B [EMAIL PROTECTED] wrote: Well - it keeps timing out, I wish I had the machine in front of me so I could send the actual error - but it keeps saying that the microcoad load is timing out JB On Thu, September 29, 2005 1:08 pm, Dan Swartzendruber wrote: At 12:48 PM 9/29/2005, you wrote: yes - it shows up as fxp0 - but then I get errors loading microcode - and it just don't work on the network gets errors. can you be more specific? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] NIC issues
Okay, try the newest /etc/inc/pfsense-utils.inc and add this tag to system do_not_use_nic_microcode/ Scott On 9/29/05, Scott Ullrich [EMAIL PROTECTED] wrote: Not easily. The code detects that you have a fxp driver and then tries to init the code. I suppose we could add a tag to systemdo_not_use_nic_microcode or something... On 9/29/05, J B [EMAIL PROTECTED] wrote: Is there anyway to turn off the microcode on a per/NIC basis? I only have older Pro100 cards - (trying to recycle some old equipment and make it usefull again) JB On Thu, September 29, 2005 1:14 pm, Scott Ullrich wrote: I suspect the microcode is borking the NIC.Do you have a newer NIC that you could try? I would rather not remove the microcode support as it works wonders for newer cards. Scott On 9/29/05, J B [EMAIL PROTECTED] wrote: Well - it keeps timing out, I wish I had the machine in front of me so I could send the actual error - but it keeps saying that the microcoad load is timing out JB On Thu, September 29, 2005 1:08 pm, Dan Swartzendruber wrote: At 12:48 PM 9/29/2005, you wrote: yes - it shows up as fxp0 - but then I get errors loading microcode - and it just don't work on the network gets errors. can you be more specific? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] NIC issues
No, it was missing a ] Thanks for the heads up! On 9/29/05, Dan Swartzendruber [EMAIL PROTECTED] wrote: At 01:31 PM 9/29/2005, you wrote: Okay, try the newest /etc/inc/pfsense-utils.inc and add this tag to system do_not_use_nic_microcode/ syntax error in your change. the ')' should be a ']' ? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] NIC issues
Fleming, John (ZeroChaos) wrote: 3c509 or 3c905? The 509 is an ISA card which means you need to run the 3com util 3c5x9cfg (I think that's what its called) to make sure you don't have any irq/io conflicts. might have jumpers on the card in lieu of that, a few of them did. Might also have to muck with some of your resource settings in your BIOS. Honestly, unless you have a lot of hair you wouldn't mind losing, I would suggest trashing ISA cards and getting some PCI NIC's. :) They can be had for ~$5 USD a pop on ebay. I think the start of the gray hair I'm getting at 25 was caused by using multiple ISA NIC's on Linux and BSD firewalls several years ago. ;) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] NIC issues
The issue is the Intel Pro - not the 3C509 (I have to use this until the QFE card is supported - because I only have 3 pci slots, and need 4 interfaces) The 3C509 is an ISA card - and works just fine JB On Thu, September 29, 2005 3:49 pm, Chris Buechler wrote: Fleming, John (ZeroChaos) wrote: 3c509 or 3c905? The 509 is an ISA card which means you need to run the 3com util 3c5x9cfg (I think that's what its called) to make sure you don't have any irq/io conflicts. might have jumpers on the card in lieu of that, a few of them did. Might also have to muck with some of your resource settings in your BIOS. Honestly, unless you have a lot of hair you wouldn't mind losing, I would suggest trashing ISA cards and getting some PCI NIC's. :) They can be had for ~$5 USD a pop on ebay. I think the start of the gray hair I'm getting at 25 was caused by using multiple ISA NIC's on Linux and BSD firewalls several years ago. ;) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] NIC issues
On 9/29/05, J B [EMAIL PROTECTED] wrote: The issue is the Intel Pro - not the 3C509 (I have to use this until theQFE card is supported - because I only have 3 pci slots, and need 4interfaces) The 3C509 is an ISA card - and works just fineJB Which QFE card is not supported? Dave-- --Are Your Friends Lemmings? -- http://www.lemmingshirts.com
RE: [pfSense Support] NIC issues
So what irqs are the 3com and Intel on? -Original Message- From: J B [mailto:[EMAIL PROTECTED] Sent: Thursday, September 29, 2005 2:53 PM To: support@pfsense.com Subject: Re: [pfSense Support] NIC issues The issue is the Intel Pro - not the 3C509 (I have to use this until the QFE card is supported - because I only have 3 pci slots, and need 4 interfaces) The 3C509 is an ISA card - and works just fine JB On Thu, September 29, 2005 3:49 pm, Chris Buechler wrote: Fleming, John (ZeroChaos) wrote: 3c509 or 3c905? The 509 is an ISA card which means you need to run the 3com util 3c5x9cfg (I think that's what its called) to make sure you don't have any irq/io conflicts. might have jumpers on the card in lieu of that, a few of them did. Might also have to muck with some of your resource settings in your BIOS. Honestly, unless you have a lot of hair you wouldn't mind losing, I would suggest trashing ISA cards and getting some PCI NIC's. :) They can be had for ~$5 USD a pop on ebay. I think the start of the gray hair I'm getting at 25 was caused by using multiple ISA NIC's on Linux and BSD firewalls several years ago. ;) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Questions about Load Balancing
Greetings, I have a Squid PROXY server that I want to use two DSL connections that I have with. However, one of them is a 1 megabit connection and the other is a 512kbps connections. Based on what I have read on the list, I am concerned that the load balancing algorithm will NOT distribute 2/3 and 1/3 of the combined 1.5mbps for the outgoing traffic over the two connections respectively. Am I incorrect in this? Will it maximize each connection if they are of difference capacities? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Traffic shaping. Parent Queue
A little more info please. Version: ? Did you set up defaults with the wizard ? -lsf From: Audun Brekke [mailto:[EMAIL PROTECTED] Sent: 29. september 2005 23:57 To: support@pfsense.com Subject: [pfSense Support] Traffic shaping. Parent Queue There seems to be an error in the traffic shaping. When I set the queues manually it is not possible to set the parent queue. I can set the queue to be parent in the webui, but the queue dont seem to be updated. I get an error like: php: : There were error(s) loading the rules: /tmp/rules.debug:16: queue MaxDownload has no parent /tmp/rules.debug:16: errors in queue definition /tmp/rules.debug:17: queue MaxUpload has no parent /tmp/rules.debug:17: errors in queue definition pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [16]: queue MaxDownload bandwidth 4100Kb cbq There is no change in the config file if I set or unset the this is the parent queue in the webui. I line like this shoud be added in the config files when the this is the parent queue is selected altq on xl0 cbq queue { MaxDownload } -Audum- -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.344 / Virus Database: 267.11.9/115 - Release Date: 29.09.2005
RE: [pfSense Support] NIC issues
Btw the microcode is loaded via the option link0 which is passed to ifconfig. I'm not sure where that is set but a few grep for link0 in /etc/ should show you. -Original Message- From: J B [mailto:[EMAIL PROTECTED] Sent: Thursday, September 29, 2005 12:22 PM To: support@pfsense.com Subject: Re: [pfSense Support] NIC issues Is there anyway to turn off the microcode on a per/NIC basis? I only have older Pro100 cards - (trying to recycle some old equipment and make it usefull again) JB On Thu, September 29, 2005 1:14 pm, Scott Ullrich wrote: I suspect the microcode is borking the NIC.Do you have a newer NIC that you could try? I would rather not remove the microcode support as it works wonders for newer cards. Scott On 9/29/05, J B [EMAIL PROTECTED] wrote: Well - it keeps timing out, I wish I had the machine in front of me so I could send the actual error - but it keeps saying that the microcoad load is timing out JB On Thu, September 29, 2005 1:08 pm, Dan Swartzendruber wrote: At 12:48 PM 9/29/2005, you wrote: yes - it shows up as fxp0 - but then I get errors loading microcode - and it just don't work on the network gets errors. can you be more specific? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Questions about Load Balancing
Load balancing uses round robin. Scott On 9/29/05, Wesley K. Joyce [EMAIL PROTECTED] wrote: Greetings, I have a Squid PROXY server that I want to use two DSL connections that I have with. However, one of them is a 1 megabit connection and the other is a 512kbps connections. Based on what I have read on the list, I am concerned that the load balancing algorithm will NOT distribute 2/3 and 1/3 of the combined 1.5mbps for the outgoing traffic over the two connections respectively. Am I incorrect in this? Will it maximize each connection if they are of difference capacities? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] dhcpclient Invalid lease option - ignoring offer
OK, more info... Did a fresh install of 85.6 and I get the same DHCP error. Basically it barfs on a DHCP offer option 15: Option 15: Domain Name = domain_not_set.invalid (from Ethereal sniff) And in the pfsense system log: dhclient[3538]: Bogus domain search list 15: domain_not_set.invalid (domain_not_set.invalid) dhclient[3538]: Invalid lease option - ignoring offer dhclient[3538]: Invalid lease option - ignoring offer dhclient[3538]: packet_to_lease failed. dhclient[3538]: No DHCPOFFERS received. And if I try to add domain_not_set.invalid to the domain name in pfsense I get: The following input errors were detected: * The domain may only contain the characters a-z, 0-9, '-' and '.'. This is SBC/Yahoo DSL and XP handles the DHCP offer fine. Earlier versions of pfsense also handled it fine. Did the BSD crew rewrite dhcpclient? I did see some grumblings around the Internets. On 9/27/05, Scott Ullrich [EMAIL PROTECTED] wrote: On 9/27/05, Jeff Quinonez [EMAIL PROTECTED] wrote: Anyway, I downgraded to 70.4 and all is well. Manual upgrade to 85.4 and I have the same issue of not getting a DHCP address and the same errors. Also, after the 85.4 update if I go to Manual Update I get Unable to Receive Version Info. I'll look into this DHCP error a little later, as I have seen this in some BSD forums. I have an extra box so I'll try to recreate the issue. Keep up the good work. :-)Thanks, that would be a _HUGE_ help!Scott-To unsubscribe, e-mail: [EMAIL PROTECTED]For additional commands, e-mail: [EMAIL PROTECTED]-- got root?
Re: [pfSense Support] Questions about Load Balancing
Title: Re: [pfSense Support] Questions about Load Balancing Hi Wesley, I have one box with 3 WAN using load balancing. WAN ADSL 2MB WAN1 FR 1MB WAN2 FR 512K We even dont have this issue now. But we had hard time with ftp-helper, I cant connect with any site. I have issues with HTTPS and policy routing for outgoing connection forced via the WAN (default) interface solved it. Also Icould not have policy routing working for incoming connections using WAN1 or WAN2. my current version is 0.85.6 Any tip? Thanks, Moacyr Leite da Silva AKADNYX | Segurança | Infraestrutura | Storage | VoIP+55 19 3241-5688+55 19 9730-1712[EMAIL PROTECTED]www.akadnyx.com.br - Original Message - From: Wesley K. Joyce To: support@pfsense.com Sent: Thursday, September 29, 2005 8:41 PM Subject: RE: [pfSense Support] Questions about Load Balancing Hi Scott, is there a solution to this? Am I unique in that I have multiple WAN connections of different capacities? Anyone have another solution? Thanks From: Scott Ullrich [mailto:[EMAIL PROTECTED]Sent: Thu 9/29/2005 7:20 PMTo: support@pfsense.comSubject: Re: [pfSense Support] Questions about Load Balancing Load balancing uses round robin.ScottOn 9/29/05, Wesley K. Joyce [EMAIL PROTECTED] wrote: Greetings, I have a Squid PROXY server that I want to use two DSL connections that I have with. However, one of them is a 1 megabit connection and the other is a 512kbps connections. Based on what I have read on the list, I am concerned that the load balancing algorithm will NOT distribute 2/3 and 1/3 of the combined 1.5mbps for the outgoing traffic over the two connections respectively. Am I incorrect in this? Will it maximize each connection if they are of difference capacities? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]-To unsubscribe, e-mail: [EMAIL PROTECTED]For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Traffic shaping. Parent Queue
Wrong. A parent queue denotes a child queue. Create 4 queues and assign your rules to the two child queues. Better yet, use the ezshaper wizard, it's there so you don't have to try and figure out how it all works. --Bill On 9/29/05, Audun Brekke [EMAIL PROTECTED] wrote: There seems to be an error in the traffic shaping. When I set the queues manually it is not possible to set the parent queue. I can set the queue to be parent in the webui, but the queue don't seem to be updated. I get an error like: php: : There were error(s) loading the rules: /tmp/rules.debug:16: queue MaxDownload has no parent /tmp/rules.debug:16: errors in queue definition /tmp/rules.debug:17: queue MaxUpload has no parent /tmp/rules.debug:17: errors in queue definition pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [16]: queue MaxDownload bandwidth 4100Kb cbq There is no change in the config file if I set or unset the this is the parent queue in the webui. I line like this shoud be added in the config files when the this is the parent queue is selected altq on xl0 cbq queue { MaxDownload } -Audum- -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.344 / Virus Database: 267.11.9/115 - Release Date: 29.09.2005 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Questions about Load Balancing
Not unique, we just don't have an easy way to implement ratio based load balancing at this time. BTW, it'd be connection based anyway, not true bandwidth balancing. I'd recommend putting some clients on one connection, some on the other and manually balance the links using rules. --Bill On 9/29/05, Wesley K. Joyce [EMAIL PROTECTED] wrote: Hi Scott, is there a solution to this? Am I unique in that I have multiple WAN connections of different capacities? Anyone have another solution? Thanks From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Thu 9/29/2005 7:20 PM To: support@pfsense.com Subject: Re: [pfSense Support] Questions about Load Balancing Load balancing uses round robin. Scott On 9/29/05, Wesley K. Joyce [EMAIL PROTECTED] wrote: Greetings, I have a Squid PROXY server that I want to use two DSL connections that I have with. However, one of them is a 1 megabit connection and the other is a 512kbps connections. Based on what I have read on the list, I am concerned that the load balancing algorithm will NOT distribute 2/3 and 1/3 of the combined 1.5mbps for the outgoing traffic over the two connections respectively. Am I incorrect in this? Will it maximize each connection if they are of difference capacities? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [pfSense Support] Questions about Load Balancing
Hey Moacry, do you notice if it appropriately distributes the load? I just had a thoughti, if I set the bandwith on the interface to the actual broadband service rate as oppposed to NIC connection speed, would that affect the load balancing? From: Moacyr Leite da Silva [mailto:[EMAIL PROTECTED] Sent: Thu 9/29/2005 8:55 PM To: support@pfsense.com Subject: Re: [pfSense Support] Questions about Load Balancing Hi Wesley, I have one box with 3 WAN using load balancing. WAN ADSL 2MB WAN1 FR 1MB WAN2 FR 512K We even dont have this issue now. But we had hard time with ftp-helper, I cant connect with any site. I have issues with HTTPS and policy routing for outgoing connection forced via the WAN (default) interface solved it. Also I could not have policy routing working for incoming connections using WAN1 or WAN2. my current version is 0.85.6 Any tip? Thanks, Moacyr Leite da Silva AKADNYX | Segurança | Infraestrutura | Storage | VoIP +55 19 3241-5688 +55 19 9730-1712 [EMAIL PROTECTED] www.akadnyx.com.br - Original Message - From: Wesley K. Joyce mailto:[EMAIL PROTECTED] To: support@pfsense.com Sent: Thursday, September 29, 2005 8:41 PM Subject: RE: [pfSense Support] Questions about Load Balancing Hi Scott, is there a solution to this? Am I unique in that I have multiple WAN connections of different capacities? Anyone have another solution? Thanks From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Thu 9/29/2005 7:20 PM To: support@pfsense.com Subject: Re: [pfSense Support] Questions about Load Balancing Load balancing uses round robin. Scott On 9/29/05, Wesley K. Joyce [EMAIL PROTECTED] wrote: Greetings, I have a Squid PROXY server that I want to use two DSL connections that I have with. However, one of them is a 1 megabit connection and the other is a 512kbps connections. Based on what I have read on the list, I am concerned that the load balancing algorithm will NOT distribute 2/3 and 1/3 of the combined 1.5mbps for the outgoing traffic over the two connections respectively. Am I incorrect in this? Will it maximize each connection if they are of difference capacities? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] winmail.dat- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Questions about Load Balancing
Hello, I am going to try Pfsense next week, it sure will be a great product. Very nice work! I have been looking for something like this for a LONG time! You might see what Cyberoam is using, to get some ideas maybe. www.cyberoam.com. The software, not the CR series. It is based on Linux or a UNIX, but very expensive! It looks great, but have not tried it yet, waiting for pfsense to leave alfa! But will try it on 190 machines in my network.Yes, I know it is ALPHA! Thanks Ciro - Original Message - From: Bill Marquette [EMAIL PROTECTED] To: support@pfsense.com Sent: Thursday, September 29, 2005 10:35 PM Subject: Re: [pfSense Support] Questions about Load Balancing Or another suggestion, something that I would do here if my second connection wasn't 10x faster than the primary is to say send gaming out one link and send browsing out the other. :) --Bill On 9/29/05, Bill Marquette [EMAIL PROTECTED] wrote: Not unique, we just don't have an easy way to implement ratio based load balancing at this time. BTW, it'd be connection based anyway, not true bandwidth balancing. I'd recommend putting some clients on one connection, some on the other and manually balance the links using rules. --Bill On 9/29/05, Wesley K. Joyce [EMAIL PROTECTED] wrote: Hi Scott, is there a solution to this? Am I unique in that I have multiple WAN connections of different capacities? Anyone have another solution? Thanks From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: Thu 9/29/2005 7:20 PM To: support@pfsense.com Subject: Re: [pfSense Support] Questions about Load Balancing Load balancing uses round robin. Scott On 9/29/05, Wesley K. Joyce [EMAIL PROTECTED] wrote: Greetings, I have a Squid PROXY server that I want to use two DSL connections that I have with. However, one of them is a 1 megabit connection and the other is a 512kbps connections. Based on what I have read on the list, I am concerned that the load balancing algorithm will NOT distribute 2/3 and 1/3 of the combined 1.5mbps for the outgoing traffic over the two connections respectively. Am I incorrect in this? Will it maximize each connection if they are of difference capacities? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]