Hallo, I have two internet connections and I want to use both with a
round-robin load balancing, only for outgoing connections. I found
on the web various solutions, but I did not manage to modify them
for my scenario. One internet
connections is a normal adsl, there is a modem that I connect to
There is documentation and a quick-and-dirty example in the PF
User's Guide:
http://openbsd.org/faq/pf/pools.html#outgoing
On Tue, Aug 23, 2011 at 03:00:51AM -0700, elerdin wrote:
Hallo, I have two internet connections and I want to use both with a
round-robin load balancing, only for outgoing
Jose Mejia wrote:
Hi all here we go again with that matter :
We've a firewall with 4 interfaces (2 outside to two differents routers and
ISPs,1 inside and 1 DMZ),the machine is running a Squid web proxy too, we
wanna make balancing on outgoing connections only for the web traffic, we
have
Hi
Since all interfaces have 192.168.x.x ips then are you sure whats are
ips and netmasks ot you routers.If you routers have different netmask
than yours.
Please use pfctl -vsr and see what rules are evaluationed.Use pftop
from ports to debug connections.
Cheers
Tihomir
--- Jose Mejia [EMAIL
Hi Tihomir...thks for the response
I think SQUID is running fine, my default gw is ext_if, I was playing with
multipath too without
results.the conf file is really in disorder due to the try-out and
continous changes, I'm sorry
Now I'm not with the machine, but tomorrow I'll post
--- Jose Mejia [EMAIL PROTECTED] wrote:
Hi all here we go again with that matter :
We've a firewall with 4 interfaces (2 outside to two differents
routers and
ISPs,1 inside and 1 DMZ),the machine is running a Squid web proxy
too, we
wanna make balancing on outgoing connections only
Down rule will work if your default gateway is on $ext_if
pass out quick on $ext_if route-to ($ext_if2 $ext_gw2) from any to any port
www keep state probability 50%
It doesn't work either, I didn't debug it, but it seems packets going out
from ext_if2 are coming back to ext_if 1 too
The
Hi all :
We've a firewall with 4 interfaces (2 outside to two differents routers and
ISP,1 inside and 1 DMZ),the machine is running a Squid web proxy too,
we wanna make balancing on outgoing connections only for the web traffic, we
have get to do that, and now the packets are going out on ext_if
[EMAIL PROTECTED] wrote:
Hi all :
We've a firewall with 4 interfaces (2 outside to two
differents routers and
ISP,1 inside and 1 DMZ),the machine is running a Squid web proxy too,
we wanna make balancing on outgoing connections only for the
web traffic, we
have get to do that, and now the
Hi Stevethat's the problem, maybe the NAT rules are not right, (i've
tried with others without result)
but i think the key is in the stateful inspection...or maybe all the
idea is not well configured
Greetings
Jose M
Hi all :
We've a firewall with 4 interfaces (2 outside to
Lucas wrote:
i have done it this way, but still have some problems:
10.1.1.1 (M)
|---gw1 - |
LAN--| || - WAN
|---gw2 - |
(10.1.1.1) (B)
gw2 just have a backup carp interface
gw1 is carp master with
i tried with it, but it works if i have a machine in the middle. like this:
GW2
LAN - obsd (load balancer with route-to) -- GW1 WAN
Hi
Can you post your pf.conf and output from ifconfig?
--- Lucas [EMAIL PROTECTED] wrote:
i tried with it, but it works if i have a machine in the middle. like
this:
GW2
LAN - obsd (load balancer with
On 09/22/2005 04:51:37 PM, Lucas wrote:
i have done it this way, but still have some problems:
I am sorry. I'm afraid I may not have understood your
initial diagram. (I like to see the machines, with
each interface and it's assigned IP, and the network
number/netmask of the networks
i have done it this way, but still have some problems:
10.1.1.1 (M)
|---gw1 - |
LAN--| || - WAN
|---gw2 - |
(10.1.1.1) (B)
gw2 just have a backup carp interface
gw1 is carp master with 10.1.1.1
nat is
hi list,
i'm working with 3 gateways and want to load balance between them.
after a failure with layer 2 (carp arpbalance) balancing, i tried to do
it with pf.
the most logical way to do it is with a machine before the gateways
distributing the load.
there's a way to do it without adding a
On Wed, 21 Sep 2005 17:05:23 -0300
Lucas [EMAIL PROTECTED] wrote:
i'm working with 3 gateways and want to load balance between them.
after a failure with layer 2 (carp arpbalance) balancing, i tried to
do it with pf.
the most logical way to do it is with a machine before the gateways
Hi all,
I'm in the process of setting up a group of load balanced servers, and
I've come across something (I think) is a bit unusal with macros and
tables and load balancing.
I use tables fairly extensively in our two 3.6-stable OBSD pf/CARP
firewalls, and I'd like to use them in configuring our
On Wed, Mar 23, 2005 at 10:47:34PM -0800, Kevin wrote:
yet this does not:
rdr on $ext proto tcp from any to web_servers_ext port 80 - \
web_servers_int round-robin sticky-address
There was a bug fixed recently where pf would fail to select a
translation when a rule did
yet this does not:
rdr on $ext proto tcp from any to web_servers_ext port 80 -
\
web_servers_int round-robin sticky-address
There was a bug fixed recently where pf would fail to select a
translation when a rule did not have an explicit (or implicit) address
Sigh. I thought I had pf@ cc'ed, but I didn't. sorry :(
---
Thanks for taking the moment to respond, I appreciate it.
I'm not aware of any specific plans or ongoing work in that area. Maybe
start with evaluating the features pf has right now, and give us an idea
of what is missing for your
Hey all,
I just spent about an hour and a half checking the associated mailing
lists. I apologize ahead of time in case I missed a recent discussion.
My company is starting to evaluate new firewall/load balancing options
to replace our aging and obfuscated infrastructure. We're looking at
On Mon, Nov 15, 2004 at 05:22:36PM -0500, dormando wrote:
I understand there's software like slbd which will add/remove servers
from a round-robin mechanism, but I would like to know if there are
any current plans for expanding on PF's internal load balancing
systems? I won't put out a
Hello,
Having some trouble here with mail when I try to implement outbound
load-balancing. I am following the example for outbound load balancing in
the
pf User's Guide. But I have changed it to be special for SMTP, to ensure
that
all mail is sent and received from the same IP which is
On Aug 7, 2004, at 03:05, Reza Muhammad wrote:
binat on $ext_if1 from $server_int to any - server_ext
Why do you need this line? I'm currently doing a simply RDR (like you
do further in your pf.conf) and have a PASS rule. Here are the relevant
lines from my pf.conf:
[...]
rdr on $ext_all proto
Hello i had extrange hang up on my openbsd box.
I want to route some networks to one internet isp (isp1), and others to
isp2.
Here is my network diagram (what i want)
|-- ISP1
my network
26 matches
Mail list logo
