DHCP, 2 Subnets and a Gateway!
-
Hi all, I have two subnets available /29 and a /23, a pfsense box 2.0RC3, with 3 physical ethernet interfaces.
I need to be able to hand out DHCP addresses from the /23 in a 1:1 scenario but use the gateway of the /29.
I'm currently using the bridge feature bridging LAN and WAN with a DHCP server on LAN with the /23, this all works AOK as far as internet access BUT I cannot set a seperate (on the WAN interface) gateway as its on a different subnet.
How do I get a fully routed DHCP setup so the clients using the /23 are not being routed asymetrically. I've had a look at the bible but it makes no sense as it implies using private IP's not public.
Current setup:
32.x.x.23 = ISP Gateway
32.x.x.24 = WAN pfsense175.x.x.1 = LAN IP/DHCP Server
175.x.x.2 - 175.x.x.254 = /23 subnetClient DHCP Client details at present;
IP Address: 175.x.x.103
Netmask: 255.255.254.0
Gateway: 175.x.x.1
Primary DNS IP: 208.67.222.222
Secondary DNS IP: 208.67.220.220
DHCP Server: 175.x.x.1 -
There are a few things that puzzle me about your description.
I'm currently using the bridge feature bridging LAN and WAN with a DHCP server on LAN with the /23,
Apparent your pfSense LAN interface has an IP address of 175.x.x.1 and the WAN interface has an IP address of 32.x.x.24. How did you configure that? (In my experience when interfaces are bridged at most one can have an IP address or the bridge interface itself has an IP address.)
I need to be able to hand out DHCP addresses from the /23 in a 1:1 scenario but use the gateway of the /29.
I don't understand this. Your DHCP clients need a gateway on their own subnet. The gateway is the machine that gets traffic off the subnet. If the gateway is off the subnet, how do the clients get traffic to the gateway?
How do I get a fully routed DHCP setup so the clients using the /23 are not being routed asymetrically.
I don't understand how asymmetric routing would be possible in the configuration you described.
Unless I've missed something crucial in your description I think you need pfSense WAN interface IP address 32.x.x.24/29 pfSense LAN 175.x.x.1/23 and no bridging. Your DHCP clients will use 175.x.x.1 as their gateway and pfSense will route traffic to the internet over its default route to 32.x.x.23. If your WAN IP address is static (as distinct from DHCP on WAN always giving you the same address) you will probably have to create a gateway (web GUI: System -> Routing, click on Gateways tab) to specify 32.x.x.23 as the default gateway. Since your LAN has public internet addresses you will probably want to disable NAT. Since your ISP has (presumably) given you two subnets I presume they will setup their routing tables so traffic to 175.x.x.x/23 will go to 32.x.x.24 where pfSense will route it onto your LAN.