argint
asked on
pfsense load balance
Hi - I have a bsaic question regarding pfsense and load balancing dual wans.
We are getting a leased line, and we already have an ADSL connection. I know that the pfsense unit can do some sort of laod balancing. I would be happy if it could be configured to load balance Incoming traffic across all hosts connected to the LAN. Ie, speraed the bandwidth.
Can someone tell me if this is possible, and how I can do it?
Many thanks in advance
Argint
We are getting a leased line, and we already have an ADSL connection. I know that the pfsense unit can do some sort of laod balancing. I would be happy if it could be configured to load balance Incoming traffic across all hosts connected to the LAN. Ie, speraed the bandwidth.
Can someone tell me if this is possible, and how I can do it?
Many thanks in advance
Argint
ASKER
Hi there, Just back and saw the reply. Well, I had read those documents, but being new to pfsense, i couldnt quite work out if one could only load balance to indidual servers. What I was hoping for is to be able to connect bother our internet connections and have incoming bandwidth shared across all lan users for download.
We are less concerned about upload.
Anyone ever achieved this?
Regards
ARgint
We are less concerned about upload.
Anyone ever achieved this?
Regards
ARgint
Pfsense lets using two WANs more as a redundancy than speed up. If you get 2 x 2 M you won't have a 4 M connection.
But pfsense has a realy nice traffic shaper. You can use it to distribute bandwidth between users equally (and kill p2p maniacs if you have them like I do).
http://doc.pfsense.org/index.php/Traffic_Shaping_Guide
Unfortunately to shape more than one WAN you need pfsense 2.0 which is still in Beta (not for long now, it should come as final this year).
I'm using pfsense exlusevily on 3 locations, 2 of them have crappy adsl bandwidth and pfsense really does the job (before deploying pfsense I did not know how much upload is used for ACKs when downloading).
You could try the Beta (if your environment istn't crucial) or wait for final version. Nonetheless stick with pfsene as it is a great product, free and heavily developed (with stable Unix engine inside, my boxes have like 150 days of uptime just because I reboot them twice a year, no need to do anything more).
Cheers
But pfsense has a realy nice traffic shaper. You can use it to distribute bandwidth between users equally (and kill p2p maniacs if you have them like I do).
http://doc.pfsense.org/index.php/Traffic_Shaping_Guide
Unfortunately to shape more than one WAN you need pfsense 2.0 which is still in Beta (not for long now, it should come as final this year).
I'm using pfsense exlusevily on 3 locations, 2 of them have crappy adsl bandwidth and pfsense really does the job (before deploying pfsense I did not know how much upload is used for ACKs when downloading).
You could try the Beta (if your environment istn't crucial) or wait for final version. Nonetheless stick with pfsene as it is a great product, free and heavily developed (with stable Unix engine inside, my boxes have like 150 days of uptime just because I reboot them twice a year, no need to do anything more).
Cheers
I concur :)
I had a pfSense running for over a year, the only reboot being due to an 8 hour power outage that was totally unplanned and we didn't have a generator backup at the site! A really solid platform, which is pretty feature-rich. Captive Portal and CARP make it a serious contender...
I had a pfSense running for over a year, the only reboot being due to an 8 hour power outage that was totally unplanned and we didn't have a generator backup at the site! A really solid platform, which is pretty feature-rich. Captive Portal and CARP make it a serious contender...
ASKER
Yes, pfsense has been rock solid for us, never falling over, Ive reset it just to test if it comes back up ok and it works a charm. Ive nothing but respect for this project. What I would like to do is buy 2 more and set up siste to site comms with our smaller offices. Presenlt I use log me in, take over a machine and look at the firewall, i could do this all with 3 pfsense boxes.
Failover would suffice to be honest, i should look in to this but sharing the bandwith of our cheaper secondary adsl connection would be even better.
Do i basically read this cannot be done? I do understand that we dont just add up the bandwidth and get faster, but we have a fatter pipe at the same speed to accomodate more load.
Is this correct?
I would like basic instructions on doing it if anyone already has.
Regards
Argint
Failover would suffice to be honest, i should look in to this but sharing the bandwith of our cheaper secondary adsl connection would be even better.
Do i basically read this cannot be done? I do understand that we dont just add up the bandwidth and get faster, but we have a fatter pipe at the same speed to accomodate more load.
Is this correct?
I would like basic instructions on doing it if anyone already has.
Regards
Argint
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thankyou for your feed back. the common thread i sense is our agreement that pfsense is a fantastic product.
regards
argint
regards
argint
By all means :)
For outbound traffic you might want to have a look at this guide
http://doc.pfsense.org/index.php/Multi_WAN_/_Load_Balancing
Inbound load balancing is covered in this document:
http://doc.pfsense.org/index.php/Inbound_Load_Balancing
Does this help or do you need more information?