pfSense load balancer


I have 1 public IP address and 4 mail servers.
In pfSense I want to create an allias with all the VMs internal ip and then create a NAT rule to forward imap, imaps etc… traffic to all the mail server. This will only work as long as pfSense can detect if a server is down and not forward packets to that server.

So my question is this, can I use the built-in pfSense load balancer service in order to achive that?

Thank you

1 Like

pfSense’s load balancer is HAProxy.

In theory it should work with HAProxy, however possibly this is something you want to check on over at the HAProxy forums. HaProxy does check for the “existence” of backend servers and if they are “up”. It can perform this check using a variety of methods. I’m aware if it senses the backend server to be “down” it will not forward packets to the mail server.

1 Like

@kevdogin When I create the pool, I selected ‘SMTP’ for the Monitor is that correct?
when it ask for the ‘Server IP Address’ is that the IP address of the VMs? I am asking because I am not sure the difference with the betwee the server IP in the pool and the tab about virtual servers.
Are the virtual servers the VM IP as well? do I enter them twice

I’m not sure what tab you are specifically speaking about.

Install the HAProxy developmental package since its newer (both packages unfortunately are really old, I wish pfsense would upgrade – another story).

Under HAproxy configure the backend – name the pool and then under servers list each server with whatever options are appropriate for your application.

In terms of Health checking method – I’m really not too sure with SMTP servers since I’ve only configured web servers on the backend and used HTTP as the check method.

What ever method you decide to use, make sure under global section (Which pfsense refers to as just Settings, set the internal stats port to a value like 2200. With this option available its possible to see the status of your servers under the stats of statsFS tab. This graph will give you a good idea if HAproxy can see your servers and registers them as up.

1 Like

Thank you @kevdog.
So i need to delete all that I have done in the ‘native’ pfSense load balancer, install the haproxy addon and follow the steps above correct?

Hmm, I want to be careful here since I know only about HAproxy and not the other load balancer you are speaking about. I’m only suggesting HAproxy as an alternative. I can’t really speak of the pros and cons without knowing the other implementation.

Hi @kevdog for now I decided to stick with the pfSense native way of doing so I have fewer chances to break anything.

I’ll get it started and post any issue I might encounter back here for help.

1 Like

Great, I’d love to hear the feedback and a working solution. Good luck

1 Like