Netgate Discussion Forum

    Is this stupid?

    Routing and Multi WAN
    28 Posts 4 Posters 9.8k Views
      jonnytabpni

      Hi dotdash. Yup, that's pretty much it, however I'm asking whether or not anything looks dodgy? Where do you get confused and I'll try and explain better. Cheers

        dotdash

        I don't get the thing where the link-bonding router loops back over to (presumably the LAN side of) the firewall.

          jonnytabpni

          It loops back to the WAN side of pfsense. The idea is so that I can make use of policy based routing in pfsense and keep all my hosts on the same subnet.

            Supermule Banned

            But why would you do a setup like that to do such a simple task???

              jonnytabpni

              Can you tell me a simpler way? The main reason is that my voip server will be going out via WAN1 (using policy based routing) and needs QoS. In this setup, pfSense would control the bandwidth going to the voip server and the LBR

                Supermule Banned

                ---->WAN--->Pfsense--->LAN----->Hosts

                Is that correctly understood??

                  jonnytabpni

                  @Supermule:

                  ---->WAN--->Pfsense--->LAN----->Hosts

                  Is that correctly understood??

                  Not quite. I have 2 DSL lines being bonded by a LBR, however some hosts will go out via one of the lines only. The problem is that when someone uses the bonded connection, it will affect the voip server performance (which will be going out via WAN1 directly through pfsense).

                    Supermule Banned

                    Yes but it will not be bonded anymore, when connected like you suggested.

                    The LBR should be at the very front connected to WAN1 and WAN 2, with PFsense on the LAN side. Otherwise the connections will not bond. The ISP has eq. on their side, which connects to your LBR.

                    So you will not be able to withhold the bonding without the original router….

                    BUT....Depending on the setup, you could use Pfsense as a loadbalancing gateway. But not bonding the 2 ADSL together into one external IP.

                      jonnytabpni

                      @Supermule:

                      Yes but it will not be bonded anymore, when connected like you suggested.

                      The LBR should be at the very front connected to WAN1 and WAN 2, with PFsense on the LAN side. Otherwise the connections will not bond. The ISP has eq. on their side, which connects to your LBR.

                      So you will not be able to withhold the bonding without the original router….

                      BUT....Depending on the setup, you could use Pfsense as a loadbalancing gateway. But not bonding the 2 ADSL together into one external IP.

                      Thanks for your reply. Actually, this isn't MLPPP bonding. This provider has special algorithms which bond at the IP layer. So, the LBR will create a VPN tunnel with double bandwidth. As in the picture, the output of the LBR will be a bonded output which is designed to go into a firewall. The reason why I want WAN1 to go through pfsense initially, is that some hosts will need to go out via WAN1 directly

                        Supermule Banned

                        Then it is a very shitty setup…. To be honest..... :o

                          jonnytabpni

                          @Supermule:

                          Then it is a very shitty setup…. To be honest..... :o

                          Then could you suggest a better one that would fit my requirements? Thanks

                            Supermule Banned

                            U R welcome :)

                            Get rid of the LBR and separate the two ADSL lines…. Use traffic shaper and port forwarding/1:1 NAT on the preferred ADSL for VOIP.

                              jonnytabpni

                              @Supermule:

                              U R welcome :)

                              Get rid of the LBR and separate the two ADSL lines…. Use traffic shaper and port forwarding/1:1 NAT on the preferred ADSL for VOIP.

                              Supermule, lol that's EXACTLY what I'm doing now.

                              The thing that attracts me about the LBR is that I get to enjoy 14Mb download and double upload which will be good for VPN stuff. Can you tell me what is wrong with my setup in the diagram? Thanks

                                Supermule Banned

                                It is not the right way to do things…..

                                With loadbalancing on the Pfsense, I bet you would see better performance overall, than you see now on VPN.

                                  jonnytabpni

                                  What is wrong about it? The fact that and going back over to the WAN?

                                    jonnytabpni

                                    Folks I must also mention that the output of the LBR gives me an external IP and it's a true bonded solution, meaning that when it flips back to the WAN side of pfsense, it is pretty much a real WAN connection.

                                    Another solution would be to use 2 pfsense routers (So the output of the LBR goes into a 2nd pfsense's WAN port) but isn't that a waste?

                                      Supermule Banned

                                      Single point of failure…. You haven't got a clue, whether it is the pfsense or the LBR that is the problem.

                                      If you run a loadbalancing setup instead of this, it would be a lot quicker to determine errors and correct them, than having 2 routers in front of each other. Being the frontend that you have no control of whatsoever.

                                      @jonnytabpni:

                                      What is wrong about it? The fact that and going back over to the WAN?

                                        jonnytabpni

                                        Hi Supermule, I've updated the image in the link to provide more info.

                                        I agree with your theory about the single point of failure.

                                        However, given my current setup, I don't really think that's an issue (Actually it improves things slightly, as the LBR will continue to work with only one link connected to it).

                                        Do the details in the updated image help at all?

                                        Thanks

                                          Supermule Banned

                                          No not really…..

                                          Does the LBR support QoS and can you configure it?? And does your ISP configure QoS on your external IP?

                                            jonnytabpni

                                            Unfortunately not. I have asked both these questions to them and the answer has been no.

                                            Incidentally, DSL1 and DSL2 are coming from different ISPs
