Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Make sense of IPv4 Upstream Gateway

    Scheduled Pinned Locked Moved
    General pfSense Questions
    3
    5
    120
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      flexibleapps
      last edited by

      Hi all,

      I'm very new to pfSense and I'm trying to understand the concepts behind this amazing Firewall.

      My question is about IPv4 Upstream Gateway. In particular, when I set up a WAN I can set a static IP. If this interface is an Internet connection, I need to select an IPv4 Upstream Gateway as well, otherwise "none" (for LAN interfaces).

      As far I understand, the IPv4 Upstream Gateway is a router to which my WAN interface is connected to. So, if the IPv4 Upstream Gateway has an address of 192.168.22.1, my WAN IP address is on the same network where the router is located into, e.g. 192.168.22.101.

      When a request tries to reach host identifed by 192.168.22.101, the router will route the based on its table route.

      Am I wrong?

      Thanks,
      Lorenzo

      V stephenw10S 2 Replies Last reply Reply Quote 0
      • V
        viragomann @flexibleapps
        last edited by

        @flexibleapps said in Make sense of IPv4 Upstream Gateway:

        As far I understand, the IPv4 Upstream Gateway is a router to which my WAN interface is connected to.

        Yes, but it's not necessarily on your site. Could also be at the ISPs location.

        When a request tries to reach host identifed by 192.168.22.101, the router will route the based on its table route

        From where? From the internet or any other devices connected to the WAN network?

        I don't expect, that any device in the internet tries to access your private pfSense WAN address, except the request is forwarded to it on the router. Private IP ranges (RFC 1918) are not routed in the internet.

        For any other device in the WAN network (within the same layer 2 network), it will route the packets to pfSense directly. That's how layer 2 networks work.

        1 Reply Last reply Reply Quote 1
        • stephenw10S
          stephenw10 Netgate Administrator @flexibleapps
          last edited by

          @flexibleapps said in Make sense of IPv4 Upstream Gateway:

          When a request tries to reach host identifed by 192.168.22.101, the router will route the based on its table route.

          pfSense will route that traffic based on it's routing table yes. If that's traffic from something on LAN to some external site that will be via it's default route, the upstream gateway.

          F 1 Reply Last reply Reply Quote 1
          • F
            flexibleapps @stephenw10
            last edited by

            @stephenw10 Thanks for your info.

            As far I understand the Upstream Gateway acts a as gateway for outbound connectivity, i.e. from LAN hosts to the Internet.

            But what is the difference between the WAN interface of the firewall and the Upstream Gateway itself?
            How the interconnect each other?

            Thanks,
            Lorenzo

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              The WAN interface is the local NIC in pfSense. It has an IP address assigned to it.

              The gateway is the remote device that pfSense sends traffic to which also has an IP address assigned to it.

              The WAN and gateway IP addresses are (almost always) in the same subnet so they can connect at layer 2. I.E. using ARP or DHCP.

              1 Reply Last reply Reply Quote 1
              • First post
                Last post