On 9/24/07, Paul M <[EMAIL PROTECTED]> wrote: > Hi, > Having successfully used pfsense as a clustered firewall with CARP for > external and internal shared IPs, I am trying its load balancing feature > to manage a pool of web servers. > > So, created a pool with 2 httpd's, and it works. However, when I killed > httpd on one box, I got a few errors when connecting from outside world > for about five seconds, and then pfsense failed over to the other box. > > Thus I would like to ask > 1/ how quickly should pfsense discover one of the units in the pool is dead?
5 seconds > 2/ why didn't pfsense pick up the dead unit when I connected and know to > redirect, or at least only fail the once? Nope. The load balancing is performed by pf which has no concept of dead servers. The actual monitoring is performed in userland and the rules modified based on detection of dead servers. > 3/ can I tune the timers, can I add weights to favour one server over > another, can I make the load balancer interrogate the web servers to > determine their loading and not just that there's a tcp listener? Nope. I might be convinced to make the timers a tunable. And I believe someone did try to do ratio style load balancing by adding the same server multiple times (I'm pretty sure the ratio load balancing works, I'm not sure if we actually allow for it in the UI). > I am sure I am asking too much of pfsense loadbal, but I just need to > get an idea of whether it will be useful initially under I need to go > get a fully-featured complex load bal. Well, pfSense is a firewall, not a load balancer. It was "easy" to add simple load balancing features, going any further would be a significant undertaking and in my opinion would distract from the goals of pfSense. I suppose the main questions here are how important it is that you have more frequent polling (which btw, will increase the load on the web servers since we'll be hitting them more frequently), how important the "better" load balancing features are to you, and how much you're willing to spend. --Bill --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
