pfsense load balance

Hi - I have a bsaic question regarding pfsense and load balancing dual wans.
We are getting a leased line, and we already have an ADSL connection. I know that the pfsense unit can do some sort of laod balancing. I would be happy if it could be configured to load balance Incoming traffic  across all hosts connected to the LAN. Ie, speraed the bandwidth.

Can someone tell me if this is possible, and how I can do it?

Many thanks in advance
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Are you wanting to load balance outbound http traffic or inbound?

For outbound traffic you might want to have a look at this guide

Inbound load balancing is covered in this document:

Does this help or do you need more information?

argintAuthor Commented:
Hi there, Just back and saw the reply. Well, I had read those documents, but being new to pfsense, i couldnt quite work out if one could only load balance to indidual servers. What I was hoping for is to be able to connect bother our internet connections and have incoming bandwidth shared across all lan users for download.

We are less concerned about upload.

Anyone ever achieved this?

Pfsense lets using two WANs more as a redundancy than speed up. If you get 2 x 2 M you won't have a 4 M connection.

But pfsense has a realy nice traffic shaper. You can use it to distribute bandwidth between users equally (and kill p2p maniacs if you have them like I do).

Unfortunately to shape more than one WAN you need pfsense 2.0 which is still in Beta (not for long now, it should come as final this year).

I'm using pfsense exlusevily on 3 locations, 2 of them have crappy adsl bandwidth and pfsense really does the job (before deploying pfsense I did not know how much upload is used for ACKs when downloading).

You could try the Beta (if your environment istn't crucial) or wait for final version. Nonetheless stick with pfsene as it is a great product, free and heavily developed (with stable Unix engine inside, my boxes have like 150 days of uptime just because I reboot them twice a year, no need to do anything more).

Hey MSSPs! What's your total cost of ownership?

WEBINAR: Managed security service providers often deploy & manage products from a variety of solution vendors. But is this really the best approach when it comes to saving time AND money? Join us on Aug. 15th to learn how you can improve your total cost of ownership today!

I concur :)

I had a pfSense running for over a year, the only reboot being due to an 8 hour power outage that was totally unplanned and we didn't have a generator backup at the site!  A really solid platform, which is pretty feature-rich.  Captive Portal and CARP make it a serious contender...
argintAuthor Commented:
Yes, pfsense has been rock solid for us, never falling over, Ive reset it just to test if it comes back up ok and it works a charm. Ive nothing but respect for this project. What I would like to do is buy 2 more and set up siste to site comms with our smaller offices. Presenlt I use log me in, take over a machine and look at the firewall, i could do this all with 3 pfsense boxes.

Failover would suffice to be honest, i should look in to this but sharing the bandwith of our cheaper secondary adsl connection would be even better.

Do i basically read this cannot be done? I do understand that we dont just add up the bandwidth and get faster, but we have a fatter pipe at the same speed to accomodate more load.

Is this correct?

I would like basic instructions on doing it if anyone already has.
Yes, you are correct. You can provide more connections on same bandwidth without dropping queues.

Here is a tutorial about Multi Wan Load Balancing (it's for pfsense 1.2.x)

Here is a tutorial about traffic shaping (which I higly recommend)

There are also few nic tips here,11986.0.html

If you have Squid it can look strange (it takes up to 10 minutes to load Status-Queues) to show working traffic shaper. But it still works (at least I think it does). Someone posted a tutorial howto do it properly,14436.0.html

Unfortunately you have to get 2.0 to do this on Multi Wan like I wrote before.

Since you plan to do failover anyway, try the Beta. They've been working on it for fairly long time and I think you may find it decent enough. Or just install tested 1.2.3 and do multi wan without traffic shapping and see the performance. If it's enough for you there's no need to reinvent the wheel.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
argintAuthor Commented:
thankyou for your feed back. the common thread i sense is our agreement that  pfsense is a fantastic product.
By all means :)
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.