Multilink PPP - (DSL Bonding) [Now $100USD]
-
The mlppp in testing, will pfsense be able to support 2 pppoe connections using any standard pppoe modem?
Or will we have to fork out for the expensive sangoma cards?
The feature is the one feature that pfsense needs to be the best firewall of all time!! (horrray!)
I've already added $30 to the pot but ill add another $20 to that to make it $50!
Could the op do an update on the total currently in the pot?
-
There is another firewall called Boot CD or something that used to be free but then the guy started to take advantage of the fact that his prduct was the only one to allow MLPPP.
Eddie hardly charges a fortune(£23 per year)! Go and see how much Cisco would charge you ;).
I think that people should be paid for putting effort into developing software in there spare time. He gives you it for free if you use him as your ISP which is more than fair.
-
ok yes, people should be rewarded for their efforts.
However I still stand by the fact that pfsense would be one of the best firewalls ever if it had this feature!
-
It's not complete and bug-free, but it's a good start. Only a few hours were required ;)
http://www.dslreports.com/forum/r20504733-MLPPP-on-pfSense
I'm using that method, but I have issues with it when I reconnect. pfSense blocks all incoming communications, as if the firewall&nat rules don't work anymore.
I have to manually make it reload the filter rules before it starts forwarding stuff again.
This is obviously a blocker if you run anything to be accessed remotely. -
Ok here's the updated scoop.
As you can see if you read that thread we are having severe latency issues. at one time it got better for me and wasn't so bad but it would come back now and then. SO i was wondering if anyone perhaps had any hints as to why this is happening. keep in mind this is in single dsl mlppp mode. We have yet to finalize testing using two modems and seeing how this responds etc. Couple other bugs I have noticed is it won't get the ISP dns entries we had to put them in ourselves and tell pfsense not to override with a wan dns entry. I am ruling out hardware as the issue for the latency as both machines tested with the same problem have way diff specs.Well i gave it some more time to this and here what came out.
http://bsdtips.utcorp.net/mediawiki/index.php/Mersault/MultiLink_PPPalthough for the latency issues it is recommended to change the line
set bundle enable round-robin
to
set bundle disable round-robinThis would use split packets and truly double/triple/…. the bandwidth and utilization of the links.
To fix the problem that pf blocks the packet on the other ng* interfaces use the up-script as said here
http://mpd.sourceforge.net/doc/mpd25.html#25
and in the script add a command ifconfig $1 group netgraphthen in /etc/inc/filter.inc search for "Default deny rule"
and add before it pass in quick on netgraph all keep stateNOTE: this will not allow any QoS to work with the other links and will just enable the functionality to use multi link ppp/pppoe not sure about pptp. You have to take even nat i consideration.
I cannot integrate it yet on pfSense since i have not a test setup for it so ....
-
Anyone have any idea on why my forwarding rules don't get reloaded after a reconnect?
-
Look at the source Luke :D
issue touch("/tmp/filter_reconfigure") or is it filter_reload whenever you want the rules to get reloaded.
-
So is anyone planning on taking a real good stab at this?
-
Well 1.3 support multiple pppoe/pptp connection so adding this is not much work afaik. But i will not take it for now.
-
@ermal:
Look at the source Luke :D
issue touch("/tmp/filter_reconfigure") or is it filter_reload whenever you want the rules to get reloaded.
I found the appropriate command, but I could not figure out the appropriate location to place it in and have it run. From what I can see, the MPD5 daemon does not die when the connection experiences an error, and if I do manually kill it, it does not auto restart. What should I do?
-
Ok, at this point I am going to withdraw my request for this bounty. If anyone else wants to keep it going by all means but I will no longer require it.
1:1 Nat in Tomato will solve all my requirements and I will not be using Pfsense anymore.
Thanks everyone for the attempt.