Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense capabilities

    Scheduled Pinned Locked Moved
    General pfSense Questions
    1
    1
    719
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      ReexNeex
      last edited by

      While looking for a multi WAN failover/load balancing device, I have spotted a few interesting ones such as the Peplink 30 and 310, the Draytek Vigor 3220 or 3900, Mushroom Truffle.
      For some reasons, none of them seem to be the proper device and at the same time pfsense seems to be largely respected as on of the best solutions.

      Why not verify this? :-)

      So this is my case: small school with 2 ADSL ISPs (very bad, effective 1/0,3M), 1 Satellite ISP (16/4M with high latency 700ms), a lan with 37PCs and mobile devices (phones and tablets) that make a pack of roughly 60 devices, most of them connected through WIFI.
      The whole can be segmented into: 15pc in the lab, 15pc in the classroom, 7pc in the office, mobile phones and tablets everywhere. No VPN requirements

      Logical units/devices priority

      1. Office
      2. Classrooms and lab
      3. Mobile phones

      Content priority

      1. email (80% web based)
      2. browsing
      3. video playback
      4. downloading - cloud sync

      Targets

      • Failover: each group of devices must be redirected to available WAN on fail
      • Balance: split devices by logical groups over WANs
      • Shaping: prioritize protocols or local IP groups
      • Limiting: set limits per IP

      Questions!

      1. Can pfsense manage all these requirements inclusively?

      2. What processing power/RAM/specs are required for this?

      3. Can some devices/IP be excluded from multi WAN and dedicated to a specific WAN (with failover, so that these devices will only use one WAN at time)

      4. Is it possible to configure WAN usage per protocol? For instance, DNS requests could be routed to low latency WANs, while downloading and video streaming to high latency and faster WANs

      5. can pfsense distinguish from HTTP browsing and HTTP download or this is impossible due to the nature of HTTP?
      Maybe this could be achieved setting the firewall to differentiate the traffic inspecting the HTTP header 'content-length' and then use it's rules to segregate the traffic above a certain threshold?

      6. Can pfsense be configured to assign a specific WAN for video streaming?

      7. Can pfsense be configured to avoid disconnections when using round-robin with multiple WANs?

      8. Is it possible to limit bandwidth dynamically? This would mean that a percentage used for bandwidth limiting (per device/IP) is related to the currently available bandwidth and not the nominal value assigned to a specific WAN. This translates to: no traffic, give all the available bandwidth to user/IP; traffic, assign bandwidth accordingly.

      9. How difficult is to configure pfsense? I have very little knowledge on routing!

      Thanks to anyone that may help!

      1 Reply Last reply Reply Quote 0
      • First post
        Last post