Using outbound/gateway load balancing? Please vote!

April 17th, 2008 by Chris Buechler

If you use outbound load balancing, please vote in this poll. We’re investigating potential problems with the sticky connections option and need to gather information.

18 Responses to “Using outbound/gateway load balancing? Please vote!”

  1. Vladimir Says:

    im use two adsl modem at this time. i, use debian. plane to use pfsense.
    can pfsense balance internet taffic between two (or more) adsl modems?

  2. Vladimir Says:

    im plane to use outbound/gateway load balancing!

  3. David Says:

    We are using 2Wan outgoing load balancing for 8 months or so (port 80 and 21 only) for our LAN and LAB networks and it’s working most of the time, but if we make changes of any the rules after a couple of weeks with no restart we experiencing problems in the lab net until we restart the pfsense and everything is back to normal again.

  4. shantanu Says:

    We use dual WAN load balancing. We face intermittent problems – typically when -
    1. Any one of the ISP’s gateways fails but their link to our system is up.
    2. The system is abnormally powered off.

    In either case, restoring system from backup does not help. One needs to delete all the load balancing setup and start from scratch.

  5. Chris Buechler Says:

    There are no known issues with the load balancer other than possibly sticky connections. Load balancing can be a complex feature to configure properly though depending on specifics of the setup, and if not configured properly it will misbehave in various ways.

    Vladimir: yes, an unlimited number of WAN connections are supported. Please take any further questions to the mailing list or forum, we won’t moderator approve any further questions here.

    shantanu: Never heard of anything remotely like that, and it’s definitely not related to this issue. You should bring it up on the list or forum.

    David: also never heard of anything like that, another good candidate to take to the list or forum. that could be stale states, resetting the firewall state table will accomplish the same thing as rebooting if that’s the case.

  6. David Says:

    10x Chris, I’ll check it out next time it happens, it does not happens a lot as we don’t change the configuration to often.

  7. Chris Buechler Says:

    We just added a change for 1.3 yesterday to drop all states to a failed WAN connection, if that’s what you’re seeing David that might help. Though generally the only things that break with failed states are things like constant pings, and some IP phones which maintain constant connectivity and communicate enough that their states on the failed WAN never time out. This isn’t a problem for most services (HTTP, HTTPS, SMTP, and most others) because the nature of most protocols is their states are short lived.

  8. David Says:

    I think that I haven’t been clear enough, the connectivity issues that we experienced were traffic from the LAB did not flow to the LAN and back until we restarted the FW. Not from the load balanced side.
    We are not experiencing these problems since we upgraded to the 1.2 release and the FW is up for 33 days now. I did not changed the configuration a lot so……I can’t say if the problem fixed
    But I can say that the FW was under a great load and survived as we transferred 500 GB of data by ftp over WAN2. And 50 GB of date by ftp in a PPTP tunnel over WAN1.
    Where can I download the 1.3 version for testing?

  9. Chris Buechler Says:

    1.3 is not yet publicly available, watch here for updates.

    David, sounds like further discussion of the issue you’re seeing should be brought up on the forum or list, and maybe we can get to the bottom of it.

  10. David Says:

    10X
    I’ll take it there.

  11. Jose Amengual Says:

    Hi.

    I’m going to use with two internet wan connections.

    There is a lot of issues in LBs with , DHCP configurations, States in pf after one of the links fails, routing services on one of the links when the two connections are up etc.

    But for sure I will give it the try.

  12. Chris Buechler Says:

    Jose: the only issue of those you mentioned with a properly configured load balancing setup in pfSense 1.2 is not clearing the states on failed connections, which as stated above typically isn’t a problem.

    I’m sure you can find people having all those problems at some point in the forum due to misconfiguration, but they aren’t problems with the system.

  13. Jose Amengual Says:

    Thats cool.

    I will try the version 1.2 to see what happened, I didn’t try after my first time so I will let you know how goes with 1.2v.

    That is another reason of why I’m taking the tutorial in the BSDCan :)

    Can you differentiate traffic , like Voip to go to one of the wan links ? ( no only 5060, rtp too )

    Thanks

  14. DuroM Says:

    Hi All,
    first of all I want to say THANKs a lot for pfSense. I use m0n0wall for approx 4 years. I use 2 WAN based on ADSL and now I have two m0n0walls on it. I try and planned to envolve pfSense for 3 times starting with 0.9 version.
    It looks good, but what is my problem it is Bandwidth Sharing Policy. I need make it possible for two LAN and two WAN and configuration of this is quite difficult (LAN to WAN, LAN to WAN1, LAN1 to WAN and LAN1 to WAN1)…
    I am trying to prepare some scripts by my self for this kind of work, but….until now I havenot it. Is there some thinking about this kind of automatization in pfSense workload…

    Thanks a lot DuroM

  15. Chris M Says:

    I have just installed pfSense and am finding it simply terrific. I will be using it for load balancing 2 WAN connections, one PPPoE and one DHCP. I have used a few consumer dual-wan products, only to find that they are all “very young” and do not do as they are instructed. pfSense appears to have excellent options, and great control. So far, it is looking very good.

  16. Kambeeng Says:

    I am from indonesia.. I am use pfsense for load balancing, i am use 2 ADSL , and its greats.. my internet connection more faster.

  17. Michael Says:

    As I understand it, the topic of this vote is supposed to be about load balancing WITH “sticky connections”, not just simply load balancing.

    My set up is:
    WAN1=static via PPPoE type
    OPT1=DHCP via Cable type

    I am using pfSense 1.2 and I am definately having a problem when “sticky connections” is activated. If it is activated, I get random loss of traffic on my WAN1 connection. If I disable “sticky connections” the problem goes away.

    The idea behind “sticky connections” is excellent, and it would save us from the problems of accessing secure sites and getting dropped, like say when you’re logged in to your bank account and two requests come from different WAN IP addresses.

    I am open to being contacted for further testing.

  18. Chris Buechler Says:

    Random loss of traffic is indeed the issue, we’re going to have to prohibit sticky connections for the time being until someone can track down the issue in FreeBSD.

Please don’t post technical questions or off-topic comments. It is far more likely that your questions and concerns will be addressed effectively through one of our support channels.

Leave a Reply