Using MultiWAN from the same ISP

heper

@lucas-rey yea that should also work fine if you have enough interfaces on your hypervisor

NogBadTheBad

@lucas-rey I’d get rid of the modem or look at putting them into bridge mode if you can.

At least you’d be able to have two working WAN interfaces, then maybe you could policy route traffic out both wan interfaces based on firewall rules.

Lucas Rey

@nogbadthebad said in Using MultiWAN from the same ISP:

I’d get rid of the modems or look at putting them into bridge mode if you can.

Nope, as I wrote, the ZTE modem provided by ISP allow only a few basic settings. So only way I believe is the above one.
Waiting for a modem with 2,5Gb ports. Hopefully next upgrade will be 10Gb with new modem provided by ISP.
Anyway, I'll be in the same boat, 2,5Gb ports with 10Gb fiber

NogBadTheBad

This post is deleted!

Lucas Rey

Aaaaaand... finally I got 2 GW grouped into a MultiWAN GW.

alt text

May I ask if this MultiWAN act as something LACP for bandwidth increase or only as backup? What I did is create a new group and setup it as default GW. But I cannot see any "use rule" for such GW, e.g. active-standby or so.

alt text

heper

@lucas-rey you'd have to add the gateway group to a firewall rule on lan. (Edit your default any any rule to test(

Chances are small a single client will see any speed improvement. Multiple clients might.
Some speedtest sites use multiple sessions that occasionally go over multiwan simultaneously

viragomann

@lucas-rey
pfSense doesn't load-balance on a gateway group. It's just a fail-over group.
So in case of high latency or packet losses it can switch over to the other gateway.

What you can do to get benefit of higher throughput using both, is policy route either the upstream traffic of specific internal devices to one gateway and other devices to the other one, or route some ports to this one and the rest to the other one.

heper

@viragomann said in Using MultiWAN from the same ISP:

pfSense doesn't load-balance on a gateway group.

Since when? It has always done load balancing as long as I can remember. That's what the tiers are for.

viragomann

@heper
Oh yes. You're right. With multiple equal tiers it does.

Lucas Rey

I can confirm that the bandwidth is now increased with the above config at least 50% more.
However my goal will be increase the wifi bandwidth due to multiple streaming devices at home (wife and sons use them :) )

I'll use the lacp functionality of my orbi rbk853.

Lucas Rey

Hi guys, sorry, but something is wrong in my config, could you please help to understand?

I did some tests and if I setup the second GW (the one from pfSense 2) my clients are not able to surf internet anymore.
From pfSense 2 ssh I can ping dns e.g. 8.8.8.8 and resolve address without issue, so I don't understand why this happen.
My LAN rules are configured with default GW.

I noticed that, because I seen that pfSense used only one GW when I setup MultiWAN as default GW even using different clients. That's normal I think, since the second GW doesn't allow to surf internet.

Any clue?

alt text

viragomann

@lucas-rey
Did you state the gateway in the WAN2 interface settings?

Check the outbound NAT, if pfSense added proper rules for WAN2.

Lucas Rey

@viragomann said in Using MultiWAN from the same ISP:

Did you state the gateway in the WAN2 interface settings?

DAMN! You're right, I forgot to add the GW
Now I'm able to surf internet also if I setup GW2.

Anyway, the issue is still the same. Using 2 clients in my lan, the WAN2 is not used at all!!!

I understand the group GW cannot be used by 1 client to use aggregate speed, but I thought that using two or more clients in my lan I was able to use both GW and finally use my 2,5Gb fiber connection (at least 2Gb).

I don't understand why only one GW is used

viragomann

@lucas-rey
As far as I know, pfSense uses both gateway in a round robin style to establish connection. So the first connection goes out on WAN1, second on WAN2, the third on WAN2...
It doesn't matter, which client is establishing it.

To verify initiate some connections and check the state table: Diagnostics > States

Lucas Rey

@viragomann said in Using MultiWAN from the same ISP:

To verify initiate some connections and check the state table: Diagnostics > States

Indeed I can see only WAN and WIFI interfaces there. No WAN2 connections. :(

Lucas Rey

@lucas-rey said in Using MultiWAN from the same ISP:

Indeed I can see only WAN and WIFI interfaces there. No WAN2 connections. :(

I can see something strange on GW config. Even If I setup the MultiWAN as gateway, the default GW is now WAN2. Indeed, all traffic is now passing to this interface.
I can move the default GW to WAN, and in this case all traffic go to WAN.
There should be a way to setup MultiWAN as GW

alt text

heper

@lucas-rey https://docs.netgate.com/pfsense/en/latest/multiwan/policy-route.html#configuring-firewall-rules-for-policy-routing

stephenw10

You cannot do load-balancing for clients just by using setting the system default gateway to load-balance gateway group. You need to use policy based routing on the LAN side firewall rule.

Setting a gateway group for the system default gateway can be used for failover for the system itself there. See: https://docs.netgate.com/pfsense/en/latest/routing/gateway-groups.html#gateway-group-options

Steve