PFSense configuration for 48 public IP's over DHCP
-
This will not work perfectly, you will have problems, and it will require a tremendous amount of manual intervention to get "working".
Because all of your addressing and gateway assignments are out of your control, expect it to break and also expect randomly bizarre networking issues to occur… a lot. Managing 48 dynamically assigned addresses to ensure none have the same gateway is a fool's errand.
It is more prudent to get 3 modems with 16 static IPs all going to different gateways.
I know you mentioned this is a hobby thing, but if you're at that point where you have a requirement to use all 48 unique IP addresses and the combined, load-balanced bandwidth, you need to make some investments for it to work. Or, you can modify the pfSense code base to better accommodate your very unique situation.
It indeed feels very hard to set this up. Once again for the gateways, this already occurs and it does not result in any problems at all. If 2 of the IP's have the same gateway then PFsense just keeps functioning as usual.
It's not really an investment thing, there simply is no possibility to get 48 static IP's with the modems with Telenet.
-
Pfsense obviously does support it as once again, we have used it for almost 6 months with 3 modems. There has been a situation after a reset from Telenet where all 3 modems got an IP on the same subnet, which resulted in all 3 wans having the same gateway. This worked flawlessly. If I were to put 48 NIC cards in this PC I would just add 48 WAN's and load balance them. This would definitely work.
OK, here is my tip on this: if you are sure this will work, then please have a look at LANNER's website.
They are offering devices such as the FW-889x series with 64 LAN GB ports, as per 8 LAN ports on each module.
It's not really an investment thing, there simply is no possibility to get 48 static IP's with the modems with Telenet.
And there is no other ISP you can invite or call? Today getting static IP addresses is not the real point I think.
We have spent so much time on this we then considered using PCI-e splitters to be able to add up to 48 physical WAN's. This would be very expensive and seems like a total waste.
For sure, but trying out so much and not reaching the goal is also a pain in the ass.
For this I have used a TP-Link SG2424 switch.
I hope not in the front of the pfSense.
What we do will work, we know ways as with the USB adapters that will just work, only they are a solution that isn't logical at all.
I really hope this is only a hobby thing of yours!
- get static IP addresses
- get enough IPs from more than one ISP
- get your hands on a LANNER FW-889x device (ask them what is running proper pfSense)
Don't use the FW-8895, the BIOS is not right and capable to install pfSense on it
- Take enough modems and stitch them in the LANNER device.
-
@BlueKobold:
Wow, that is indeed it! Any idea where I can buy this?
-
You mention VLANs, are you using Virtual IPs? (VIP)?
This is essentially same as my setup. I have one DOCSIS 3.0 WAN1, dynamic IP and one (Verizon FiOS) Fiber>>Ethernet WAN2 with 5 static IP. (so 2 WANs and 6 IP addresses, no different than 30 WANs 700 addresses)
I have pfsense "router on a stick" setup here: https://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&ved=0CAcQjRxqFQoTCPbX_bKbqscCFQIgPgodBPwDdg&url=https%3A%2F%2Fwww.highlnk.com%2F2014%2F06%2Fconfiguring-vlans-on-pfsense%2F&ei=GLvOVfbrMYLA-AGE-I-wBw&bvm=bv.99804247,d.cWw&psig=AFQjCNEy8TWbrKc3ohc7soAwNRJVWyTW6Q&ust=1439698072038640
(sorry for long hyperlink)
I have WAN1 and WAN2 going into a switch. I have pfSense also going into same switch via 2x 1GbE uplinks in a LACP LAGG. On my WAN1 with dynamic IP I use a VLAN and forward the connection to WAN1 on firewall. On WAN2 (Verizon FIOS 5x static IPs) I use Virtual IPs (VIP) and forward each over a VLAN same as I do WAN1.
I had trouble with STP and MAC addresses on my switch but I am new to L3 so it was probably my inexperience.
I'm on 2.2.4-RELEASE (amd64). Go to Firewall>> Virtual IP… Create VIP.
Hope that helps.
EDIT: To be clear, you would have your 3x modems going into same L2/L3 switch (make sure your switch fully supports L2, some do not), VLANs + VIPs would then carry your 48 WAN IP addresses to pfSense.
-
SOLUTION
Thanks everyone for replying. A lot of information given in the replies was incorrect, other information did help me.
I am posting this for others that may run into a similar situation. This is possible with Pfsense.
Some notes for this case:
- Load balancing multiple modems will combine all of the speed together. But, this is only useful when you run multiple machines. When you run speedtest on 1 machine, the machine will only achieve the speed of 1 modem. In our situation there are 60 PC's and 3 modems with 240 Mbit. With all 60 PC's we now have 720 Mbit.
- Having the same gateway multiple times on different NIC's does not matter. With the 48 we indeed have 5 IP's on the same gateway. There is no loss in speed or packets. All works as expected.
- Everything is stable.
Possible solutions:
- The Lanner device is probably the cleanest solution. It is very hard to find them and they are very expensive.
- Our solution is using 3 external PCIe cases from Startech. In these we place 4 Intel quad wan cards. Meaning we have 16 NIC on one PCIe lane in the actual router. This works very well. It does take some extra space and every external PCIe case is limited to a bandwidth of 2 Gbit. That is not a problem for us as 1 modem can only draw 240 Mbit.
- The VLAN may also be a solution. I experimented with this but I have never used VLAN before so I failed. In the beginning it worked but the VLAN showed very strange behaviour. On top of that the modem was getting stuck by it which makes me suspect there may be a problem with it somewhere there.
The very best solution would be if PFsense gets support for virtual DHCP addresses. In this case all it would require is a virtual network interface with another MAC. This is definitely possible. After all, if you have a machine with 16 VM's on it, the virtualisation software also does that.
Hope this helps the few others that run into this problem too.
-
- Load balancing multiple modems will combine all of the speed together.
Nope, that is not correct.
All you can use is 3x 240 Mbps separately, which is the opposite of "combined" as you wrote above.
-
- Load balancing multiple modems will combine all of the speed together.
Nope, that is not correct.
All you can use is 3x 240 Mbps separately, which is the opposite of "combined" as you wrote above.
Please make sure you read my situation. It is working as we speak. The network is using a total download speed of 500 Mbps. As I clearly explained this works in our situation because we have 60 PC's in this network. 1 PC will only get the maximum speed of 1 uplink. Next time please quote the following 2 lines as well.
-
You said: "combine all of the speed together" which is wrong, was wrong and will be wrong forever.
And it's not the setup you are actually describing.
But I don't care anymore since you know everything better than the persons trying to help with your questions. I'm outta here.
-
Combine still means together. And yes I do use all 3 modems combined or together for my network. And together they achieve a speed of 720 Mbps. It is not about knowing better. It is about giving correct info. All info you provided so far is wrong. Let me tell you even more about the combined speed, with some adjustments and help from ee freelancer I found out how I can "combine" the speed of all 3 modems together. Allowing me to download a torrent file at a speed of 720 Mbps with just 1 pc involved. Meaning I can combine the speed. It was correct yesterday, it is correct right now and it will still work tomorrow.
In the end BlueKobold helped me out. This is what helped me find the solutions. You should stick in the "it is not possible topics".
My solution is possible and I share it with others that may have a similar case in future. Don't come here saying all I say is wrong when I have it working perfectly in real life.
-
Torrenting a file means you can have multiple sessions opened up downloading from any possible gateways available. This is very different from combining all gateways to manage a single download session.
Without binding your circuits together, you cannot technically share all of the available bandwidth in one session, it requires multiple sessions.
In your case pfsense is load balancing and distributing that load, however you have it architected. It's not combining the bandwidth. A single session is still limited to the maximum throughput from the gateway it is going out.
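The per-session behaviour described above, as an added example that is not part of the original posts and is not pfSense code. It assumes a simplified model: each new connection is pinned round-robin to one WAN, and a WAN's capacity is split evenly among the connections pinned to it; the WAN names and the 30-session torrent are constructed, the 3x 240 Mbit and 60 PCs come from the thread.

```python
# Simplified model (an assumption, not pfSense code): every new connection is
# pinned to one WAN in round-robin order and never moves; a WAN's capacity is
# shared evenly by the connections pinned to it.
from collections import defaultdict
from itertools import cycle

WAN_MBIT = {"WAN1": 240, "WAN2": 240, "WAN3": 240}  # figures from the thread


def assign_flows(flows, wans=WAN_MBIT):
    """Pin each (host, flow_id) pair to a WAN, round-robin."""
    rr = cycle(wans)
    return {flow: next(rr) for flow in flows}


def throughput(flows, wans=WAN_MBIT):
    """Return (Mbit/s per host, total Mbit/s) when every flow is saturating."""
    pinned = assign_flows(flows, wans)
    load = defaultdict(int)
    for wan in pinned.values():
        load[wan] += 1
    per_host = defaultdict(float)
    for (host, _), wan in pinned.items():
        per_host[host] += wans[wan] / load[wan]
    return dict(per_host), sum(per_host.values())


def scenarios():
    """Three constructed cases matching the situations argued over above."""
    single = throughput([("pc1", 0)])                         # one download session
    office = throughput([(f"pc{i}", 0) for i in range(60)])   # 60 PCs, one session each
    torrent = throughput([("pc1", i) for i in range(30)])     # one PC, 30 peer sessions
    return single, office, torrent


if __name__ == "__main__":
    for name, (per_host, total) in zip(("single", "office", "torrent"), scenarios()):
        print(f"{name:8s} total={total:6.1f} Mbit/s  pc1={per_host['pc1']:6.1f} Mbit/s")
```

A single session never exceeds the 240 Mbit of the WAN it is pinned to, while 60 sessions, or one PC with many torrent sessions, can fill all three links at once.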
-
Torrenting a file means you can have multiple sessions opened up downloading from any possible gateways available. This is very different from combining all gateways to manage a single download session.
Without binding your circuits together, you cannot technically share all of the available bandwidth in one session, it requires multiple sessions.
In your case pfsense is load balancing and distributing that load, however you have it architected. It's not combining the bandwidth. A single session is still limited to the maximum throughput from the gateway it is going out.
Exactly.
I still don't agree on the combined thing. This discussion is useless. I clearly explained in what background I use it. In my case it is the combined speed that matters. I also said that this is not the case for single threaded downloads.
-
The discussion is important. Many people incorrectly assume that you can combine the bandwidth of multiple WAN connections with pfSense or some other device. At least once a month this conversation is had, and many times people need clarification when they observe torrenting speeds exceeding the bandwidth of a single circuit.
While the conversation may be redundant, it's definitely not useless. IMHO.
-
The discussion is important. Many people incorrectly assume that you can combine the bandwidth of multiple WAN connections with pfSense or some other device. At least once a month this conversation is had, and many times people need clarification when they observe torrenting speeds exceeding the bandwidth of a single circuit.
While the conversation may be redundant, it's definitely not useless. IMHO.
In a certain way you are actually combining bandwidth if you have multiple connections, and that was clearly what I meant. I know it's not possible to achieve it on a single connection and I don't claim that either. As said we always have multiple connections.
-
In a certain way you are actually combining bandwidth if you have multiple connections,
MLPPP (MPLS) can do this and yes also pfSense is able to do so, but the certain point is, that your ISP must also offer you this ability as a service!!!
I know it's not possible to achieve it on a single connection and I don't claim that either.
As said we always have multiple connections.
Load Balancing or fail over set up would be the other abilities that makes it happen to use any connections together.