5 WAN on 3 Interface. How?

befree2

I'm starting to see how to configure interfaces. So is that correct?

viragomann

@befree2
Yes, the VLANs are ok.
But some cheap switches cannot properly separate networks, when running tagged and untagged traffic on the same port. So you should better also turn the existing TIM1 on em3 network port into a VLAN.

befree2

@viragomann
Ok I will VLAN 4 TIM1

johnpoz

@viragomann said in 5 WAN on 3 Interface. How?:

when running tagged and untagged traffic on the same port.

What switch is this - tplink has had issues with vlans for sure, not able to remove vlan 1 in the past.

But in all my years in networking have never seen an issue where you couldn't run a native vlan, ie untagged along with tagged vlans. Now you can only run 1 untagged vlan that is for sure. But you should be able to run 1 untagged vlan with other tagged vlans.

But in such a setup I would prob just run them all tagged. I don't see any advantage of running a native vlan in such a setup.

But sure if he had say a 5 port switch he could run run some of his wan into pfsense native, and then run the extra ones into a switch and tagg the traffic into 1 pfsense interface, etc.

Personally if was me, I would just get a better router with more interfaces ;) But if couldn't do that and I had to do such a setup.. I would do it as drawn with the lagg and the vlans over the lagg. This gives you most through put to any of the wan routers..

I really don't understand such a setup - I could see 2 wan, or maybe even 3 in ultimate failover sort of setup.. But I am curious to why anyone would want/need 5 different wan providers.. My "guess" is providers don't have away to bring in the bandwidth required on 1 line.. So have to have multiple lines.. If that is the case, then lagg on pfsense gives highest possible physical interface bandwidth that could be shared across the 5 wan connections.. So in theory you could hit 3gig.. Assuming that is the pfsense wan interfaces are gig ;)

befree2

@johnpoz
Hi,
first of all thank you for you help.
So, if Im not wrong I will setup pfsense as follow:

em3 interface should be turn in lagg mode with the 3 vlans
and the netgear gs-308t seems to be the right one
https://www.netgear.it/support/product/gs308t.aspx
Once I get the switch at home I will setting up with untagged and tagged port ,
I will keep you informed if you don't mind.
Bye
Roberto

johnpoz

@befree2 said in 5 WAN on 3 Interface. How?:

https://www.netgear.it/support/product/gs308t.aspx

Yeah that will do vlans and lagg, but for a lagg you need more than just 1 interface..

https://docs.netgate.com/pfsense/en/latest/interfaces/lagg.html

If your just going to use 1 interface, then no lagg would be setup and you would just setup vlans on it.

befree2

@johnpoz
Good morning. Ok, I will do it with no LAGG at the moment.
Thank you very much

befree2

Hi,
everything is working fine now!!!
Here is the scenario after the Vlan were created

I did not create a LAGG because the switch they gave me doesn't support. That's why the LAGG port is still available.
Thank you everyone for supporting me.

Bye
Roberto

johnpoz

@befree2 said in 5 WAN on 3 Interface. How?:

the switch they gave me doesn't support.

And what switch is that? You said you were getting a gs308T which clearly supports lag per its manual

https://www.downloads.netgear.com/files/GDC/GS308T/GS308T_GS310TP_IG_EN.pdf

From what you posted - you have your vlans on a lag - with what 1 port? If your not going to use lag I would remove putting your vlans on it.. And just put the vlans on em3..

befree2

Hi.
I know but the client provide a GS108E .....

johnpoz

@befree2 well if the total bandwidth available from these 5 connections is less than gig - still seems crazy to me then it not really a problem.

Out of pure curiosity - why do they have 5 connections? Is there limit on what 1 connection can provide in form of bandwidth?

befree2

@befree2
Yes there is. ISP cannot provide a single connectivity and that's why we join all routers..
On pfsense I have set LOAD BALANCE to get more bandwidth and fail over as well

befree2

Hi.
I got the GS308T Switch !!
What Should I create first the LAG o Vlan? I'would like to set port 1to 6 as Vlan3,4,5,6,7 and 8.
What LAGG ports to pfsense assuming that port 8 should be connected to PFsense wan port?
I'm struggling with that. Hope you can help.
In case we can use teamviewer ...
Thanks

Robin

johnpoz

@befree2 unless your total bandwidth from the internet lines is over 1 gig, I would just go with no lagg - lagg adds complexity. I am a huge fan of the KISS principle (Keep it Simple Stupid) hehehe

Thought you said it was working with your other switch that didn't do lagg? Were you not seeing the full bandwidth your different isp lines can provide?

https://en.wikipedia.org/wiki/KISS_principle

Maybe because it originated in the Navy, and I'm ex-navy.. That was a bit before my time ;) but was still a saying when I was in during the 80s and 90s

befree2

@johnpoz
Hi, thanks for replying me.
Each router (5) provides about 40Mbit
I got what you said.
So, can I do it in this way:

On pfsense
2 ports LAGGtoLAN
2 ports LAGGtoWAN

On the VLAN switch
2 ports for LAGGtoWAN (pfsense)
ports 1to6 VLANid's....

Tel me what you think please
Robin

johnpoz

@befree2 said in 5 WAN on 3 Interface. How?:

Each router (5) provides about 40Mbit

Even if you had 10, for 400mbps total you have zero need of lagg.

befree2

@johnpoz
Ok John, got it. Thanks
I'll leave only the LAN side as LAGG

Many many thanks for you time

Robin

johnpoz

@befree2 said in 5 WAN on 3 Interface. How?:

I'll leave only the LAN side as LAGG

You don't even need that.. Again KISS!!

The only reason I ever mentioned lagg is if your total bandwidth from these 5 different lines exceeded 1gig, in that case you would need to allow for more than 1 gig into the lan side of pfsense via different interfaces.

But since your total internet connection adding up all your 40mbps connections is 200mbps, 1gig connection is all you need, so there is no reason to setup lagg..

befree2

@johnpoz
I've considered LAGG on the LAN side because of 200 to 300 concurrent users that require internet

johnpoz

@befree2 said in 5 WAN on 3 Interface. How?:

200 to 300 concurrent users that require internet

But your internet is only 200mbps total across all your connections, so lagg provides nothing other than a possible problem to deal with..