Todo #9386

Deprecate built-in relayd Load Balancer

Added by Jim Pingle about 2 years ago. Updated over 1 year ago.

Load Balancer
Target version:
Start date:
Due date:
% Done:


Estimated time:
Release Notes:


As of now, relayd does not function on FreeBSD 12 due to OpenSSL 1.1.x. The port is currently marked BROKEN for FreeBSD 12 and later. It has been this way since October, and there isn't any apparent sign of work to make it compatible with OpenSSL 1.1.x (no open PRs, no discussions on the ports list I could see).

Since HAProxy can do nearly everything the majority of users want from relayd (and does it better), in these circumstances the best move is to deprecate the relayd-based load balancer in favor of the HAProxy package.

Subtasks include:

  • Remove Load Balancer code
    • Config pages (usr/local/www/load_balancer_monitor_edit.php usr/local/www/load_balancer_monitor.php usr/local/www/load_balancer_pool_edit.php usr/local/www/load_balancer_pool.php usr/local/www/load_balancer_setting.php usr/local/www/load_balancer_virtual_server_edit.php usr/local/www/load_balancer_virtual_server.php)
    • Status pages (usr/local/www/status_lb_pool.php usr/local/www/status_lb_vs.php)
    • Widget (usr/local/www/widgets/widgets/load_balancer_status.widget.php usr/local/www/widgets/include/
    • Menu entry (usr/local/www/
    • Sticky parts for relayd only (system_advanced_misc.php)
    • -- only contains functions used by the load balancer, nothing else needs anything from it
    • Service definition and related references (etc/inc/
    • XMLRPC references (usr/local/www/xmlrpc.php etc/rc.filter_synchronize)
    • Boot time startup (rc.bootup)
    • NAT/firewall rules/anchors (etc/inc/ etc/phpshellsessions/pfanchordrill)
    • Upgrade code references that are no longer needed (etc/inc/
    • Privileges (etc/inc/priv/
    • Log references (etc/inc/ etc/pfSense-rc etc/inc/ usr/local/www/status_logs.php usr/local/www/status_logs_settings.php usr/local/www/
    • Alias name check code (usr/local/www/firewall_aliases_import.php usr/local/www/firewall_aliases.php usr/local/www/firewall_aliases_edit.php)
    • Help entries (usr/local/www/help.php)
    • Shortcuts (usr/local/www/
    • Status output (usr/local/www/status.php)
    • Default config.xml entries for load_balancer (conf.default/config.xml)
    • Any other stray references to relayd, load_balancer, etc
  • Add removed files from the above tasks to /etc/pfSense.obsoletedfiles
  • Possibly create upgrade or migration code to move LB entries to HAProxy, or create a script or mechanism to do the same manually
  • Upgrade code should remove the load_balancer section, but depending on the above it could be preserved in a file under /conf/ for migration purposes.
  • Remove references to the load balancer from current documentation

Associated revisions

Revision 586c623a (diff)
Added by Jim Pingle about 2 years ago

Deprecate the built-in relayd Load Balancer. Closes #9386

It is not available on FreeBSD 12 with OpenSSL 1.1.x.

Users can migrate to the HAProxy package.

Revision 67ecc6c3 (diff)
Added by Jim Pingle over 1 year ago

Remove one lingering relayd related message. Issue #9386


#1 Updated by Jim Pingle about 2 years ago

  • Description updated (diff)

#2 Updated by Jim Pingle about 2 years ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100

#3 Updated by Jim Pingle over 1 year ago

  • Status changed from Feedback to Resolved

Looks better on current snaps. Nothing left that I can see.

Also available in: Atom PDF