I have done some testing today with inbound NAT and carp
And round robin load balancing to test web servers.
I added the following and it seems to work fine on bsd.
Following presumptions
#########################
rl1= wan
192.168.2.2 = carp virtual ip
Below was the test.
##################
###### Added a alias of two ip addresses
webservers = "{ 192.168.1.2/32 192.168.1.3/32 }"
##### added to following rdr rule
rdr on rl1 proto tcp from any to 192.168.2.2 port 80 -> $webservers port
80 round-robin sticky-address
##### added also the following pass rule
pass in quick on $wan proto tcp from any to { 192.168.1.2/32
192.168.1.3/32 } port = 80 flags S/SA keep state queue (qWANdef,
qWANacks) label "USER_RULE: NAT http test"
-----Original Message-----
From: Bill Marquette [mailto:[EMAIL PROTECTED]
Sent: 22 July 2005 06:16
To: Scott Ullrich
Cc: alan walters; [email protected]
Subject: Re: [pfSense Support] round robin on inbound nat
On 7/21/05, Scott Ullrich <[EMAIL PROTECTED]> wrote:
> Use carp with the arp load balancing feature. Technically it should
> sync across there but there is a outstanding bug with XMLRPC that
> we're looking at.
>
> Scott
Wrong feature :) CARPs arp load balancing will only load balance
inbound to the firewall (if setup correctly) from a directly connected
network. What alan wants (if I understand correctly) is the ability
to put two (or more) servers on a port forward rule. That's part of
the load balancing code I'm working on - not ready yet :) Try again
after Aug 7th.
--Bill
>
>
> On 7/21/05, alan walters <[EMAIL PROTECTED]> wrote:
> >
> >
> >
> > I would like to try and test an inbound round robin to our test web
servers.
> >
> > Would it be possible to put a shell command In to do this.
> >
> >
> >
> > If so would this sync across a carp array.
> >
> >
> >
> > Look forward to your replies
> >
> >
> >
> >
> > --
> > No virus found in this outgoing message.
> > Checked by AVG Anti-Virus.
> > Version: 7.0.323 / Virus Database: 267.9.2/53 - Release Date:
20/07/2005
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
