2.01, simple load balance two PPPoE to same ISP
-
In general this appears simple to configure, but I don't know what needs to be done for the last step.
As with my multilink PPP / VLAN experiment, it appears the WAN interface created during the initial setup should not be used since it is going to be replaced by the gateway group later. So assign it to a nonexistent VLAN just to make the initial configuration process go smoothly, and remove it completely later.
NetGear ProSafe GS105E (cheapest 5-port switch currently available that supports 802.1Q VLANs)
Easy 802.1Q VLAN config:
-
Port 1 - VLAN: 1
-
Port 2 - VLAN: 2
-
Port 3 - VLAN: 3
-
Port 4 - VLAN: 4
-
Port 5 - VLAN: ALL
pfsense 2.01 initial install:
-
Will you be using VLANs? Yes
-
create -> em0 -> VLAN 1
-
create -> em0 -> VLAN 2
-
create -> em0 -> VLAN 3
-
create -> em0 -> VLAN 4
-
create -> em0 -> VLAN 5 (no assigned ports)
Assign interfaces:
-
WAN -> em0_vlan5
-
LAN -> em0_vlan4
-
OPT1 -> em0_vlan1
-
OPT2 -> em0_vlan2
-
OPT3 -> em0_vlan3
Web GUI setup:
Skip the wizard, click on logo
Interfaces -> OPT1
Enable
Type: PPPoE
Username / password of first DSL accountInterfaces -> OPT2
Enable
Type: PPPoE
Username / password of second DSL accountSystem -> Routing -> Groups -> Add
Name: TWO_PPP
Gateway priority:
WAN - None
OPT1 - Tier 1
OPT2 - Tier 1
Trigger level: member down (default)Interfaces -> WAN
DISABLE
At this point it is unclear what else I need to do.
-
There is no firewall rule tab for the "TWO_PPP" gateway group. Can't do anything with it.
-
OPT1 has no firewall rules.
-
OPT2 has no firewall rules.
The default LAN rule "Default allow LAN to any rule" seems like it should just automatically direct everything to the gateway group, with the WAN interface disabled. Though, unknown.
Do I need to change this default LAN rule to explicitly point to the gateway group, like this:
(The following will retain the original rule but disable it, as a backup copy.)Firewall -> Rules -> LAN
For rule "Default allow LAN to any rule"
Disable
Add new rule based on this one
Enable
Description: Allow LAN to load balancer
Advanced features -> Gateway
TWO_PPPWhich looks like this:
I do not yet have the second DSL line installed to know if this configuration will be correct.
-
-
You seem to have all the right configuration options.
Since you are using VLANs instead of actual NICs, you will need to double check your switch configuration. It needs to have a trunk port to the pfSense box with all the VLAN IDs. The rest of the ports also need to be properly configured with a single VLAN for their respective connections.Yes, you need to explicitly specify the LAN side rule to send traffic to the TWO_PPP Gateway.
-
Let try 1 wan connect with pppoe and another is dhcp from your modem.