[pfSense Support] dynamic load balancing
Hi, I am wondering, if the following would be possible - and how to start with it. I have this SDSL and ADSL connection - in where our ADSL has a download limit of 25GB/month If one bypasses the 25GB - the connection drops from 10mbits to 64kbits ! How can I make pfSense see this, so if this happens the connection switches over to the SDSL connection (being 1mbit, still better than 64kbits). ps. the SDSL connection must be preserved as much as possible - so it only should jump to the SDSL, when the ADSL doesn't go any faster than 64kbits... (or if I can use an internal counter, that checks if the 25GB limit is passed - that's also ok) Would this be possible, and where to start ? Kind regards, Michel - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] dynamic load balancing
On Thu, Aug 20, 2009 at 3:38 AM, Michel Servaes wrote: > Hi, > > > I am wondering, if the following would be possible - and how to start with it. > I have this SDSL and ADSL connection - in where our ADSL has a > download limit of 25GB/month > > If one bypasses the 25GB - the connection drops from 10mbits to 64kbits ! > How can I make pfSense see this, so if this happens the connection > switches over to the SDSL connection (being 1mbit, still better than > 64kbits). > > > ps. the SDSL connection must be preserved as much as possible - so it > only should jump to the SDSL, when the ADSL doesn't go any faster than > 64kbits... (or if I can use an internal counter, that checks if the > 25GB limit is passed - that's also ok) > > Would this be possible, and where to start ? > Only if you want to write code or a script of some sort to detect that and automatically switch. That's somewhat involved though. No easy way to do that. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] dynamic load balancing
Ermal Luçi wrote: > Not easy at all since you have to handle reboots, wrap arounds and > some other things. > I guess it is better to fund pfSense devs to implement this so you > will have it supported on further releases too. Might be able to leverage the existing vnstat package to handle most of the 'heavy lifting' there. You could also write a script that say downloads a 1MB file from somewhere at 2AM each night, and if it takes drastically longer than it should, swap routes. Not sure how the pfSense integration would work though. K signature.asc Description: OpenPGP digital signature
Re: [pfSense Support] dynamic load balancing
On Thu, Aug 20, 2009 at 9:45 AM, Chris Buechler wrote: > On Thu, Aug 20, 2009 at 3:38 AM, Michel Servaes wrote: >> Hi, >> >> >> I am wondering, if the following would be possible - and how to start with >> it. >> I have this SDSL and ADSL connection - in where our ADSL has a >> download limit of 25GB/month >> >> If one bypasses the 25GB - the connection drops from 10mbits to 64kbits ! >> How can I make pfSense see this, so if this happens the connection >> switches over to the SDSL connection (being 1mbit, still better than >> 64kbits). >> >> >> ps. the SDSL connection must be preserved as much as possible - so it >> only should jump to the SDSL, when the ADSL doesn't go any faster than >> 64kbits... (or if I can use an internal counter, that checks if the >> 25GB limit is passed - that's also ok) >> >> Would this be possible, and where to start ? >> Not easy at all since you have to handle reboots, wrap arounds and some other things. I guess it is better to fund pfSense devs to implement this so you will have it supported on further releases too. > > Only if you want to write code or a script of some sort to detect that > and automatically switch. That's somewhat involved though. No easy way > to do that. > -- Ermal - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] dynamic load balancing
could you force squid + transparent proxying to record traffic usage and use some clever squid configs and cron to change behaviour? - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] LSI boot issues - liveCD not booting
Leon Strong wrote: > Yep, i'm wondering if it's something else causing the issue now.. > > I've attached a screenshot image of where the bootup hangs (in verbose > mode)., also, the box hasn't actually "hung" if you alt-ctrl-delete - this appears to using the same driver for the controller on the Dell R300, and we've got a number of boxes running pfsense release with no problems; we're using plain old disk mirroring, nothing fancy. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] dynamic load balancing
On Thu, Aug 20, 2009 at 03:58, Paul Mansfield wrote: > could you force squid + transparent proxying to record traffic usage and > use some clever squid configs and cron to change behaviour? That assumes that nearly all of your traffic is HTTP; perhaps valid for some users, but completely not so for technical users. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Installing FULL Version on 1 gig DOM
I am not an expert, Sorry... Yes, I have a 4Gig DOM, no problem,,, What I will be doing with that image? I need the full version, because I need the FreeSwitch packagesand few others This nanoBSD has packages too? Thanks - Original Message - From: "Chris Buechler" To: Sent: Thursday, August 20, 2009 12:58 AM Subject: Re: [pfSense Support] Installing FULL Version on 1 gig DOM On Thu, Aug 20, 2009 at 12:35 AM, Manny A. Wise wrote: > Hello everyone, > I have what I belive is a very nice hardware for running pfSense.. > I installed the FULL version 1.2.2 on 4gig Transcend DOM on the only IDE > port, and pfsense work nicely > I have hear that installing on DOM is not a good idea because like CF cards > is a problem with the writes > I can install a small Microdrive on the CF slot in the botton of the unit, > but I don't know how to separte the swap partition from the system, to the > second hardrive.. the installer do not allow me to do that :( > Is any special way to do that? Should I bother at all? > How I can make the DOM read only? > or is read only already? and only the swap partition is the one who get > writes? > Just use the 4 GB nanobsd. http://snapshots.pfsense.org/FreeBSD_RELENG_7_2/pfSense_RELENG_1_2/nanobsd/ - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Installing FULL Version on 1 gig DOM
On Thu, Aug 20, 2009 at 9:43 AM, Manny A. Wise wrote: > I am not an expert, Sorry... > Yes, I have a 4Gig DOM, no problem,,, > What I will be doing with that image? > I need the full version, because I need the FreeSwitch packagesand few > others > This nanoBSD has packages too? Yes but not FreeSWITCH. It must be rw mounted all the time, so you'll have to stay with a full install. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Installing FULL Version on 1 gig DOM
OK, no problem I guess I will setup one box with a 4 gig Microdrive and another box with a 4 gig DOM and see what happen... :) Any idea where I can go to learn about making pfSense work in two separate hardrives one read only and the other read/write Thank you Manny - Original Message - From: "Chris Buechler" To: Sent: Thursday, August 20, 2009 3:01 PM Subject: Re: [pfSense Support] Installing FULL Version on 1 gig DOM On Thu, Aug 20, 2009 at 9:43 AM, Manny A. Wise wrote: I am not an expert, Sorry... Yes, I have a 4Gig DOM, no problem,,, What I will be doing with that image? I need the full version, because I need the FreeSwitch packagesand few others This nanoBSD has packages too? Yes but not FreeSWITCH. It must be rw mounted all the time, so you'll have to stay with a full install. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] XMLRPC debugging
On Aug 18, 2009, at 10:30 AM, Ian Levesque wrote: I just noticed that my two pfSense boxen aren't syncing anymore. In the logs, I see: An error code was received while attempting XMLRPC sync with username admin https://192.168.8.1:443 - Code 2: Invalid return payload: enable debugging to examine incoming payload How can I enable XMLRPC debugging and run it from the CLI? I haven't been able to figure out this problem. I've tried to do a backup of my primary router's config, and then restore it on the secondary box, but that didn't resolve the issue. Does anyone have any clue as to how I can troubleshoot this further? Thanks, Ian - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] XMLRPC debugging
On Thu, Aug 20, 2009 at 6:25 PM, Ian Levesque wrote: > On Aug 18, 2009, at 10:30 AM, Ian Levesque wrote: > >> I just noticed that my two pfSense boxen aren't syncing anymore. In the >> logs, I see: >> >> An error code was received while attempting XMLRPC sync with username >> admin https://192.168.8.1:443 - Code 2: Invalid return payload: enable >> debugging to examine incoming payload >> >> How can I enable XMLRPC debugging and run it from the CLI? > > > I haven't been able to figure out this problem. I've tried to do a backup of > my primary router's config, and then restore it on the secondary box, but > that didn't resolve the issue. You shouldn't do that, that will configure the secondary to sync to itself, which could cause problems (though we have checks that should prevent that from breaking anything). Post your configurations and maybe something will be apparent. Email them to me offlist if you prefer. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] dynamic load balancing
Only if you want to write code or a script of some sort to detect that and automatically switch. That's somewhat involved though. No easy way to do that. Thank you for the replies... guess I'll first see how things go from here - might be better to upgrade the ADSL as soon as it reaches it's limit anyway... This question belongs to the "stupid questions" - but I thought, maybe there is an easy way to do this. I still have to implement the pfSense someday - but my provider only changes IP during the day... just need to search for a good day to make this happen. (the change of IP has nothing to do with me implementing pfSense - but since this would cause troubles for everyone involved, I gather that this might be the best time to setup the pfSense anyway) Kind regards, and again thank you for looking into this one (at everyone) - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] dynamic load balancing
Michel Servaes wrote: > I am wondering, if the following would be possible - and how to start with it. > I have this SDSL and ADSL connection - in where our ADSL has a > download limit of 25GB/month > > If one bypasses the 25GB - the connection drops from 10mbits to 64kbits ! > How can I make pfSense see this, so if this happens the connection > switches over to the SDSL connection (being 1mbit, still better than > 64kbits). You might be able to pull a traffic total from the RRD file for WAN, but it wouldn't necessarily be realtime, you'd have to have a cron script check every so often, and then trigger some other script to actually run some commands to switch. This assumes, of course, that there is no accidental loss of RRD graph data for some reason. Jim - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] IGMP packet out of WAN
Old story but I can't see any progress here so decided to try to make patch by myself though it's not very straightforward for FreeBSD ports... Ermal, could you please look at https://rcs.pfsense.org/projects/pfsense-tools/repos/Eugene-igmpproxy/commits/169ff1e643cfbcd9ef6958f45b4c095547548603 and approve? I explained the problem I am trying to solve in Comments to this commit. If this commit looks ok what should be the next step to make it available for install via pfSense' gui? Thanks, Eugene. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] openvpn question
Hi, I would like being able sending an email , when somebdoy connects or disconnects to the openvpn in my pfsense router is there a way doing this with the router ? openvpn provides the capability thanks to a script, but pfsense ? Best Regards S.Ancelot - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
AW: [pfSense Support] XMLRPC debugging
-Ursprüngliche Nachricht- Von: Ian Levesque [mailto:i...@crystal.harvard.edu] Gesendet: Freitag, 21. August 2009 00:25 An: support@pfsense.com Betreff: Re: [pfSense Support] XMLRPC debugging On Aug 18, 2009, at 10:30 AM, Ian Levesque wrote: > I just noticed that my two pfSense boxen aren't syncing anymore. In > the logs, I see: > > An error code was received while attempting XMLRPC sync with > username admin https://192.168.8.1:443 - Code 2: Invalid return > payload: enable debugging to examine incoming payload > Can you remember your last change? I had this problem when a rule comment contains special characters. Check all your rules and aliases to contain only a-z,A-Z,0-9,+,-,.,(,) (some more as valid for XML (UTF8) without escaping). Regards Matthias - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] openvpn question
On Fri, Aug 21, 2009 at 2:23 AM, stephane ancelot wrote: > Hi, > I would like being able sending an email , when somebdoy connects or > disconnects to the openvpn in my pfsense router > is there a way doing this with the router ? > openvpn provides the capability thanks to a script, but pfsense ? > Best way is to syslog off to another server and do some sort of log analysis from there. I use OSSEC for that. Wouldn't be hard to create a rule in OSSEC to email on OpenVPN login log. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] XMLRPC debugging
On Fri, Aug 21, 2009 at 2:39 AM, Matthias Niggemeier wrote: > > Can you remember your last change? I had this problem when a rule comment > contains special characters. > Check all your rules and aliases to contain only a-z,A-Z,0-9,+,-,.,(,) > (some more as valid for XML (UTF8) without escaping). > I suspect that was probably a few versions back? I believe we strip any characters that will cause trouble and have for a while. Taking out any special characters wouldn't be a bad idea to try, though. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
