Hi folks
We are replacing a black box multi-wan FW appliance with 2.1 running
on one of our boxen. Our config is multi-wan (ipv4 only), and we want
to do load balancing (asymmetric, by the bandwidth ratio). We'll have
standard desktop and server machines running behind it, as well as SIP
phones.
I'd set up non-load balanced units before with CARP and VIPs for
failover. This is a single unit for the moment, though we might do the
CARP with VIP for failover here as well at some point (I might just set
up one side, so I can do the other side later on).
I looked at the multi-wan docs
https://doc.pfsense.org/index.php/Multi-WAN_2.0
https://doc.pfsense.org/index.php/2.1_New_Features_and_Changes#Multi-WAN
https://doc.pfsense.org/index.php/MultiWanVersion1.2
http://www.netlife.co.za/tech-guides/46-linuxoss-and-networking/34-bsd-dual-wan-router-using-pfsense.html
http://www.netlife.co.za/tech-guides/46-linuxoss-and-networking/47-advantagesdisadvantages-of-dual-wan-routing.html
Basically my questions are on the setup side for a single box in the
CARP scenario. I am assuming that the following is the right path,
based upon the documentation
1) setup a gateway group using both WANs. The documentation sometimes
refers to setting up 3 gateway groups for failover and load balance. Is
this still recommended?
2) when we create the WAN connections, is it necessary to provide a
default gateway for a port? That is, I have 2 WANs, call them WANa, and
WANb. During setup WANa is the initial default WAN, and it requires a
gateway to be setup. During config of WANb (one of the OPT interfaces),
a gateway is not required per se, but may be configured.
This question boils down to this. Should I configure a WANa and WANb
default gateway (thats default for the WAN connection)? It seems that
both should have it, but I am not entirely sure.
3) SIP and related configuration: Do we need to do anything special
with outbound NAT (maybe point to the gateway group rather than the
default GW), and have the states be sticky for a particular path (so if
they start going out WANb, that session remains going out WANb so as not
to break things, absent a failure of WANb)?
4) are there any updated tutorials on this, or should I use the 2.0 doc
from above?
Thanks in advance!
Regards
Joe
--
Joseph Landman, Ph.D
Founder and CEO
Scalable Informatics, Inc.
email: [email protected]
web : http://scalableinformatics.com
http://scalableinformatics.com/siflash
phone: +1 734 786 8423 x121
fax : +1 866 888 3112
cell : +1 734 612 4615
_______________________________________________
List mailing list
[email protected]
http://lists.pfsense.org/mailman/listinfo/list
