Ever wanted to load balance between hosts with ease? pfSense has you covered and will have you up-and-running within ten minutes or less! Let’s take a look at our lab topology:
We’ll start by navigating to the pfSense box. Click on Services and then Load Balancer.
We’ll go ahead and add a new pool by clicking the Add button.
On the new pool page, we’ll create a pool that contains our two web servers: WEB-01 (192.168.1.101) and WEB-02 (192.168.1.102). We’ll make sure to select HTTP as the monitor. This ensures that if either web server was no longer responding on port 80, it will be temporarily taken out of the pool. After we’ve created the pool, we’ll save and apply the change.
Now, we’ll click on the second tab: Virtual Servers. This “virtual server” will be what the user visits. We’ll give it a name, set an IP address (what the user will access), the port (80 since we’re doing HTTP only), and we’ll set the virtual server pool to the pool that we created in the last step.
Last but no least, we’ll need to add a virtual IP (or vIP) to our pfSense box. This will allow pfSense to respond to traffic on an IP other than its own. Navigate to the Firewall menu and then select Virtual IPs. Click Add.
Select IP Alias and setting the interface to WAN. Now, we’re ready to set the IP address that users will access our web server by. For this example, it will be 10.211.55.10. Save and apply.
Now, open a web browser and navigate to the vIP that we setup above. As seen in the screenshots below, the first page load shows WEB-02 and the second page load shows WEB-01. The pfSense box will direct users to one of the two instances based on traffic. Of course, the differing content is just for this example. In reality, both of your web servers would contain the same content.
You can also confirm by curling the URL. As seen below, we get the same result; we’re balanced between the two web servers.
curl http://10.211.55.10 > WEB-02 (192.168.1.102) curl http://10.211.55.10 > WEB-01 (192.168.1.101) curl http://10.211.55.10 > WEB-02 (192.168.1.102) curl http://10.211.55.10 > WEB-01 (192.168.1.101)