pfSense Load Balancing & Failover (easy mode)

Awesome explanation, and exactly what I needed to have fiber and an unlimited cell ISP backup for my home network.

Thank you very much for making this, wonderful.

Thank you, nice job!

This is really an excellent tutorial, thanks you so much for vivid explanation.

Awesome tutorial, got two gigabit links at my house and so far i've been using them standalone with their own wifi networks... will try this once the new hardware arrives 🙌

Sick tutorial

Great video. I'm about to setup pfsense for my two fiber connections. This was very helpful. Now I need to figure out how to get xcp-ng with xen orchestra installed and pfsense on my n5105 router box that just came in

I really appreciated your tutorial. It was the best one I've seen yet. I definitely wish that I had found yours before I did my setup! One thing that none of the tutorials explains, however, is what this setup actually does. I had thought, before getting mine setup and tested that is, that everything would be split between the connections, including downloads. Meaning, that part of a download, (A Linux ISO for example), would be downloaded through WAN1 and another part would come in through WAN2 to make the effective speed higher. My testing however has taught me that that is not how this works at all. If I start downloading that Linus ISO, it will download on say WAN1. If I start another download, it will come in through WAN2. It doesn't aggregate the speeds together, but it lessens the load on each connection when downloading from two or more sources at once. Hope this helps anyone that might be thinking the same I did and couldn't figure out why a test download was only using one connection.

Exactly what I was looking for. Thank you!

This is an excellent tutorial on the subject - each concept is well explained, and the presentation is not rushed. Congratulations on the result of your efforts!

Thanks 🙏

Thank you.

Thanks Bro

You should also mention about keeping ongoing sessions on the same gateway with the "sticky" option. That will prevent unwanted behaviors from some application that are receiving packets from a different gateways to crash or not work properly. That was apparent on your first bandwidth test that was load balancing a single stream on both of your gateways and you probably don't want that as application are not made to handle that properly.

Since Windows has no load balancer anymore, I just installed pfsense on hyperV with low vHardware, now I can load balanced

Can I do Load Balancing & Failover in the same time (double filter Rule load balancing & failover)?

I will be very happy if you talking about hotspot in mikrotik. I see a lot of video a bout it but non of them was realy helpful.

i have done the same settings as you shown in this video but in failover when the WAN 1goes down it is switching to WAN 2 but when WAN1comes up it is not switching back to wan1 and also link status is showing unknown or sometimes pending

Thank you for your nice procidure that you have prepared for Load Balancing it was awsome,
I have a question how to setup two public IP addresses with same gateway on pfsense, each public IP address should give web and ssh access to each server, also each server should have communications Locally , your feedback is highly apperciated.

Great Tuorial, i have made the same Configuration. But if ich change the Gateway in Advanced in "Balanced", my internal Servers (Nextcloud, Bookstack) are unreachable (mapped per Port Forwarding long time ago). If i change it so default it works again. Someone know the Problem? Thanks.

Nice video TNB. This is out to peeps that have been running PfSense for a long time. I have 2 different setups of PfSense where their failover connection is running from an LTE device. I have email alerts watching primary and secondary connections. What I find common with using LTE connections is that they drop out intermittently early hours of the morning. One can also say off peak hours. Would like to know if anyone else is experiencing this as well?

can i do load balancing and failover active at the same time?

Plz make a video on BGP configuration in pfsense thank so much

This is an excellent tutorial , but when some one on lan playing online it will be balanced or assigned to one of the 2 wan's

How do you actually load balance incoming VPN connection? Is it possible to do failover of wan and be able to reach on prem services somehow?

i want to configure dual-wan without load-balancing and failover, can you help me ?

hello , i have question , i want to set mikrotik as load balancer as port forwarding service , is it easy ? to load balance as port forwarding system to connect vpn servers .

Hi, I know this is an old video but maybe somebody will be able to help me out?
I work at a small company (around 20 people) and for reliability sake we want to have a secondary WAN connection. We're still discussing wether to make it a load balancing configuration or a failover one. My main concern with load balancing is that we have a bunch of self-hosted services that rely on a dynamic DNS (desec), since we don't have a static IP, a custom script updates our DNS anytime the public IP changes. Would there be any way to make that setup work with a load balancer? since the traffic is constantly switching between gateways. To me, failover would be easier since the moment the new gateway kicks in the dns is updated and that's it... but would be kind of "wasteful" if it's not being used while both providers are up. Thanks in advance to anyone that may help me out!

Can you make a video where you compare fortigate and pfsense, which is better

Why can't we just change the default gateway instead after creating the group? is there a significant difference when changing it compare to going to Firewall Rules and changing every LAN rule's gateways? I hope someone could answer.

How about failing back? Let say my wan 1 is faster by 90 percent it goes down failover to wan 2 with just 10 percent of the speed, wan 1 goes up again will it failback?
Edit:
Failover and load balance works on untunneled network but not in wireguard. Is there a solution for that?

Does anyone know the advantages or disadvantages in using LAGG in Failover mode versus using Gateway Groups and Load Balancing to achieve a similar result? I've been having a difficult time making a decision on which one to implement, and I think I'm just going to go with Load Balancing as demonstrated in this video because it seems to offer more specific control over when and how to trigger a failover event. Are there circumstances where LAGG Failover is preferable?

What happens when the primary line comes back online again? In my home setup, the failover doesnt make the primary WAN the defauly gateway again, even when the primary WAN is back online.
Any way to tell pfSense to force the primary gateway back to the primary WAN once its back online again?

Just pinning this comment with some suggestions and reference material:
Docs:
docs.netgate.com/pfsense/en/latest/multiwan/load-balance-and-failover.html
!!!NB!!!
Similar to issues you may face when using ECMP/PCC on a MikroTik or other routers, many sites like banks that are security minded might freak out if you are sending multiple sessions from different source IPs. IE you log into your bank site on one session from one WAN IP, and then you are on the internet banking services on another session from a different WAN address. This sometimes tends to break the connection. It is recommended to create a rule for these security minded sites to rather connect using a Failover Group instead of a Load Balance group if you still want redundancy, alternatively you could just use the default connection to still get there. This way the sessions will be coming from a single source IP and should not cause issues. More details in the reference materials.

What pfsense hardware are you using not sure what is best to get

Comparing to mikrotik which is more flexible