I'm not sure I understand you fully, but this is what I think you mean:

You have a single layer 2 network, basically a bunch of servers (and possibly other hosts) connected to a switch or series of switches that are not split into vlans. On this L2 network you have configured multiple subnets, so for example you have a server whose address is 192.168.1.100/24 and another that is 172.16.0.200.

Now you want to change things, such that each server actually sits on a separate vlan and can reach the other hosts only through pfsense.

Am I close? Can you provide a diagram of how things are and how you want them to be? You can do this for free on gliffy.com.

Do you have firewall rules configured on the router?  pfSense creates a new section in the rules for the new VLAN interfaces, whatever you named them.  By default I think its opt1, opt2, etc.  You may need to create a rule to allow traffic from the VLAN's subnet outbound.  I'm pretty sure there are no rules and an implicit deny when you create a new interface.  This would result in you being able to ping the switch from pfSense, but not the other way around.

@abitdisgruntled:

We would normally accomplish this via Policy-Based Routing and IP SLA

How exactly would you do this?

@abitdisgruntled:

Sorry, I should have stressed more the reason why I need to route by hostname and not IP. As I mentioned 1 of the database providers uses Amazon Cloud services and as such the destination hostname's IP address changes frequently (often 4-5 times a week) and drastically (such that specifying a route based on destination range or network will also not work).

It can be done with pfsense as jimp explained. Since the hostname you need to resolve changes IPs relatively infrequently ("4-5 times a week") then you can simply use an alias, as previously suggested. pfsense includes a daemon that periodically resolves any fqdn in aliases into IP(s).

But it wouldn't work if the fqdn resolved to a different IP every time you did a DNS query (e.g. www.facebook.com). For those cases I've considered doing policy routing for the entire IP range and suggested a related feature to the devs here.

You may want to look at the HOWTO, as the way to set up load-balancing has changed somewhat since 1.x.

http://doc.pfsense.org/index.php/Multi-WAN_2.0

That was fast! Thanks a Lot  ;D

Set your IPs as "IP alias" Type

You can do that with IP aliases, but it's going to be a big headache and a giant security problem. Reconsider the vlan switch idea, which is the proper way to do this and still sleep at night. You can get a decent 5-port vlan switch for $50. http://www.ncix.com/products/?sku=57524&vpn=GS105E-100NAS&manufacture=Netgear

I figured out what was wrong with my RV016, the MTU size was 1500 when it should have been 1492 for ADSL.

http://www.cisco.com/en/US/products/ps9924/index.html

This router allows you to load balance without putting a router in front of it.

@clarknova:

@Jason:

http://doc.pfsense.org/index.php/Multi-Link_PPP_%28MP/MLPPP%29

That's the one you want. Note that that document assumes that both links are the same speed, and you will end up with a bundle that is 2x your slower link, so 2x2=4mbps, which is probably what you want.

When setting up your PPPoE bundle on the PPPs page, click the Advanced button and you can set individual link speed for assymmetric bonding. Honestly I don't know if you're supposed to put the upload or download speed in there, so play with it and see what works.

I would also appreciate it if you post back to let us know what you learn with it so that the wiki (and possibly pfsense) can be updated to be more specific.

I'd think it would be upload.  You wouldn't have any control over what link a download comes in on, that would be up to the other end of the connection.

Thanks for your reply.

I can only ping it if I specify the source address as the em1 address, because otherwise it'll attempt using the CARP address.
I have attached a screenshot of the routing table where it shows that vip11 is used rather than em1 for the routes.

Of course gateways 192.168.4.141 and 192.168.4.155 are in different subnets (/28)

routes.jpg_thumb
routes.jpg

I have the same ISP, and I think he meant he wanted to his get his WAN and the opt0 bridged, opt0 would either be connected to the TVboxes or the HPNA router.
802.1P would tag the VLAN34 packets who then have higher priority over regular net trafic. Ill try to make a diagram of the setup

–-->[ONT]–----------->[HPNA router]–--Internet
                                          \       
                                            TVboxes

The ONT bridges the Fiber to Ethernet, It also only connects to 1 MAC address and only has one port that is active the rest are turned off.

The Router, which is what we are trying to replace with PFsense, does Wireless, NAT, and connects to the TV boxes through either HPNA or CAT5\6.

Currently getting the net is no issue and works quite well, the issue is trying to get the TV Multicast to connect.

You can do that on 1.2.3, just read again the guide ( about multiwan ) from your first post

Anyone?

It looks like i am having the exact same problem as here - http://forum.pfsense.org/index.php/topic,36966.0/wap2.html

I guess there was never a fix of this and i am sure my ISP use Cisco equipment their end  :(

whoops, thank you for that! :P

Carp:
http://doc.pfsense.org/index.php/Configuring_pfSense_Hardware_Redundancy_(CARP)

Other guides:
http://doc.pfsense.org/index.php/Tutorials

http://redmine.pfsense.org/issues/1837

I'm not sure anyone is actively working on that - it won't be fixed until 2.1+ and attention is focused elsewhere. If you discover anything (or a workaround), etc, then update the ticket.

I've started a new topic in IPSEC

http://forum.pfsense.org/index.php/topic,42025.0.html