stickied :)

@dotdash:

If you need one IP block available through two different ISPs, then yes, you will need BGP.
There is a reason why critical 24/7 apps are usually hosted in data centers. For less mission-critical uses, you can set the ttl low and shuffle A records. The pfSense DNS package does this, but I have yet to try it out. I'm fond of cheap, low-tech solutions: Let's say you have users who go to orders.company.com to submit orders. Tell them if they can't get to it, to try orders2.company.com.

Ah okay. I guess BGP is pretty complex for a non -cisco/-network guy and probably would create more downtime if I used it vs. if I didn't (poor ability to troubleshoot).

Multiple dns-records was the initial plan I had and I might just go for it.
Is it considered "rude" to have a very low TTL?

Worked like a charm!!  Thanks so much!

Sometimes resetting to factory defaults and starting over is the best way to get things to work. :) Problem is solved. Hehe.

Let's break this down and address each issue separately.

@teeach:

no joy just get a grey screen whenn it tries to boot, so decided to run it live off cd.

That's a significant issue by itself and should be split into another thread. When you're ready to tackle that one then make a new post in the appropriate category, probably Installation and Upgrades. Let's get your config working on the Live CD install, then if you like you can export it and get it working on an hdd/embedded install as you like.

only 1 wan working

currently i get both working but only able to access a few sites(mtu issue?) why would this be im assuming the cable modems set the mtu for the connection to internet.

According to the screenshot both WAN are connected with a unique IP address on different subnets, and both have sent and received packets. What makes you say you have only 1 working?

could it be an issue that im running it live?

I don't see how that should be a problem. What are you trying to accomplish specifically? Failover? Load balancing? Policy-based routing? Source-based routing? A multiwan config could utilize any combination of these, so it's important to know which you're trying to implement before we can isolate the issues you may be having.

db

Yes, i'm using utorrent and downthemall! and still only one connection (OPT1) is being used  :-[

And yes, i'm expecting inbound and outbound(upload i mean) traffic, and still only one connection being used :-[

Another thing, i messed again with the firewall rules and can't access the Browser interface anymore, is there a way to reset only the firewall settings without reseting the whole Pfsense ?!

Thanks again Gruens !! ;D

a) You have 3 Realtek NICs. These are among the worst GigE NICs available, and performance reflects that.
b) You've got (at least) 2 NICs on the PCI bus, which is only a 1067mbit bus - all attached NICs must share this bandwidth, so your 50MB/s is probably saturating the PCI

You need better hardware for gigabit performance. At the very least moving the NICs to PCIe.

ATM it looks good, it still uses WAN2 as default instad of WAN1 but thakns your tips i can now atleast force my mails to use WAN1

But i stiull have no glue why WAN2 sometimes drops

It was just a suggestion so you can get a better idea of how such a setup would work. OpenVPN layer-2 tunnels server the same basic purpose and work similarly to the EoIP tunnels used there. AFAIK the Mikrotik OS is Linux-based anyway.

It's not in the Linux trunk, but there is a module available for RFC 3378 (EoIP) support here http://www.zlug.org/~joro/projects/

Thanks bora !! Your guide really was my first try  ;D

Currently, i sucessfully setup the pool (wan+OPT1-2-3) and having a REALLY HARD time configuring the Firewall to make the Load Balance work.

If i edit the default LAN ACCESS rule and set the default gateway as my Load Balance Pool, i cant connect to the internet  :'(

Then if i set the default gateway to "default" i can access the internet, but only with WAN  :-\

I´ve tried to copy various configurations over the internet ( including yours Bora) but still unsucessfull  :(

I´ll post tonight my rules from the Firewall.

Thanks for your kindness  ;D

Did you deactivate the "block private networks" option on the WAN interface?

What error? What problem?
You really have to start to give information on what you are doing and what is not working or noone will be able to help you.

The rule is correct if you want to block all traffic from WAN2 to any other interfaces, for firewall that is usually what you want.
Rules allowing traffic to go out of WAN2 are set on ports LAN1 and LAN2. There is where you should look and that is what GruensFroeschli was asking for.

Why does he have to add a third nic?

You should only have to assignt to the wan nic two (or more) vlans which is untagged at the linksys switch.  But I doubt the linksys works flawlessy with 802.1q vlan taggs, and it has way too few ports that it makes much sense to me.

Since I want to use a couple of the same linksys routers for deploying different kind of networks, splittet out in different vlans (one vlan with a transparent proxy, the next a 'trusted' vlan for internal network and last but not least a seperate vlan for voip, maybe another one for wlan) - but as I said, I doubt that the 802.1q implementation of dd-wrt/openwrt works flawlessy… I think you have to lower the mtu to get it work or maybe other more or less dirty hacks have to be done...

But I hope I'm completely wrong  with this;-)

For those who readed my topic, my problem in this case is :

Same Gateway in one OR more WAN´s.

This cause the ARP Table to "see" only LAN, WAN and not any other WAN´s.

This cause the Load Balancer to use only WAN + Lan (since my OPT´s have all the same gateway)

the solution to my case is use an cisco 2900xl switch with VLan capabilites, i will create a VLAN to each of the gateways (even they being the same) ! wish me luck