[pfSense] server load balancing config for VIP?
jschmidt at linuxi86.net
Mon Feb 13 17:44:55 EST 2012
On Mon, 13 Feb 2012 16:57:16 -0500, Jim Pingle <lists at pingle.org>
> On 2/13/2012 4:26 PM, jschmidt wrote:
>> I'm trying to replace a single server on a 1:1 NAT to a pair of VM's
>> using the pfSense load balancer.
>> Going "by the book", I created the pool, then the virtual server.
>> As I already had the VIP set up for the previous 1:1 NAT, I left the VIP
>> and removed the 1:1 NAT mapping.
>> I then created an alias for the pair of internal hosts and removed the
>> old rule to the single server.
>> Lastly, I created a WAN rule with the new alias as the destination.
>> The virtual server status seems happy; both hosts show 'Online', but no
>> traffic flows to either of the hosts from outside.
>> Grasping at straws, I created another WAN rule to the outside VIP, still
>> Did I miss a step, or is the load balancer not designed to work on
>> anything but pfSense's outside IP (as opposed to another one of my /29
> What type of VIP did you use? The load balancer would need to bind to
> the IP, so either IP Alias or CARP VIP would be required.
> Otherwise what you describe sounds fine, though your firewall rules need
> to use the external IP as the target, where with 1:1 the target was the
> internal IP.
Jim, thanks for the quick response.
as I said, I left the VIP as it was for the 1:1 NAT, which was PARP. I
guess I didn't pay much attention to the type, as it was working before
w/ the 1:1 NAT...
So I can just re-config that VIP type from PARP to Other?
I'll take your word on which rule should work (since I've got 'em both
set up already), but your book clearly states in section 184.108.40.206 and in
the web server example that follows that the rule points to the inside
addresses (the alias). Is this due to my use of a different WAN IP than
the pfSense box?
More information about the List