Ability to route to different gateways based on DHCP ip address returned
-
Why do you need them in the same subnet?
-
Why do you need them in the same subnet?
If I have them in the same subnet, then I don't need to configure anything in the future; any multicast protocol would work (IGMP, PIM[dense|sparse|SourceSpecific], SSDP, etc.).
I was hoping to keep everything in 1 subnet, but I want the luxury of having multiple SSIDs, which allows me to dictate the gateway to route through to the internet, rather than being forced to change the static IP address each time I want to use a different gateway to route through to the internet.
Hope it makes it clear.
-
Why do you need them in the same subnet?
If I have them in the same subnet, then I don't need to configure anything in the future; any multicast protocol would work (IGMP, PIM[dense|sparse|SourceSpecific], SSDP, etc.).
I was hoping to keep everything in 1 subnet, but I want the luxury of having multiple SSIDs, which allows me to dictate the gateway to route through to the internet, rather than being forced to change the static IP address each time I want to use a different gateway to route through to the internet.
Hope it makes it clear.
Unfortunately it doesn't. You seem to be going through a lot of trouble for reasons that escape me. On one hand you want things to be on the same network, but on the other, you don't.
-
I'm also unclear on the reasoning here.
If you're worried about "same-subnet protocols" not working, there are specific provisions in pfSense to accommodate for (for example) broadcast between subnets; further reading: https://doc.pfsense.org/index.php/IGMP_Proxy
-
I'm also unclear on the reasoning here.
If you're worried about "same-subnet protocols" not working, there are specific provisions in pfSense to accommodate for (for example) broadcast between subnets; further reading: https://doc.pfsense.org/index.php/IGMP_Proxy
IGMP Proxy is buggy
Perhaps a real scenario would help:
I take my tablet, select SSID A, go to the website www.whatismyip.com and it says Canada; I go on Netflix Canada.
I take the same tablet, change to SSID A, go to the website www.whatismyip.com and it says USA; I go on Netflix USA, Hulu USA.
I take the same tablet, change to SSID C, go to the website www.whatismyip.com and it says UK; I go on Netflix UK.
Whichever SSID I pick (A or B or C), I still wish to remain in the same subnet so that all my Synology NAS, Sonos, wireless printer, IP TV and whatever protocol usually works only within a subnet works on my tablet.
I am aware of the work arounds:
- use VLAN and either use IGMP Proxy, Avahi or stop using those home protocols ( clickely clickely )
- Simply change the ip address manually on the tablet to a different range within the same subnet ( I can even write Android application that does that….I know...)
- Simply use OpenVPN Android software directly on the tablet, create an OpenVPN directly from the tablet
The whole purpose of the thread was to see if I can find a method to leverage multiple SSID / DHCP.
I won't be pursuing this anymore.... it looks like a dead end....
-
I take the same Tablet, change to SSID A, go on website www.whatismyip.com and it says USA
Here I assume you meant SSID B.
I won't be pursuing this anymore.... it looks like a dead end....
Not so fast! I have not tried this myself, but perhaps you could use policy-based routing. I propose:
- Do not use multiple LAN DHCP servers; only use one
- Do not use multiple LAN subnets; only use one
- You have one interface for each of the three APs, plus a bridge interface that bridges them all together.
- Do not assign any of the AP interfaces to have an IP. Only assign an IP to the bridge.
- Have three different gateways, one for each VPN.
- For each AP interface, create a firewall rule for policy-based routing. This requires going to Firewall / Rules, and under Advanced, selecting the appropriate Gateway.
I'd be interested to hear whether this works. You might need to change some of the tunables relating to bridge filtering.
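What the proposal above would look like at the pf level, as an added sketch that is not part of the original post and not pfSense-generated output. The interface names, subnet and gateway addresses are assumptions, and the thread itself leaves open whether the setup works.

```conf
# Constructed sketch: every name and address below is an assumption.
# Bridge filtering tunables (FreeBSD sysctls): filter on the member
# interfaces, so the per-AP rules see the traffic, not on the bridge.
#   net.link.bridge.pfil_member=1
#   net.link.bridge.pfil_bridge=0

ap_a = "em1"            # AP carrying SSID A, no IP assigned
ap_b = "em2"            # AP carrying SSID B, no IP assigned
ap_c = "em3"            # AP carrying SSID C, no IP assigned
lan_net = "192.168.1.0/24"   # single subnet; the IP and DHCP live on bridge0

vpn_a_if = "ovpnc1"
vpn_a_gw = "10.8.1.1"
vpn_b_if = "ovpnc2"
vpn_b_gw = "10.8.2.1"
vpn_c_if = "ovpnc3"
vpn_c_gw = "10.8.3.1"

# Destinations that must never be policy-routed: the LAN itself plus
# multicast and broadcast (SSDP, mDNS, IGMP and similar).
table <local_dst> const { 192.168.1.0/24, 224.0.0.0/4, 255.255.255.255 }

# Local traffic passes untouched on every AP interface.
pass in quick on { $ap_a $ap_b $ap_c } inet from $lan_net to <local_dst>

# Everything else leaves through the gateway tied to the ingress AP.
pass in quick on $ap_a route-to ($vpn_a_if $vpn_a_gw) inet from $lan_net to ! <local_dst>
pass in quick on $ap_b route-to ($vpn_b_if $vpn_b_gw) inet from $lan_net to ! <local_dst>
pass in quick on $ap_c route-to ($vpn_c_if $vpn_c_gw) inet from $lan_net to ! <local_dst>

# Anything arriving on an AP interface that matched nothing above is dropped.
block in on { $ap_a $ap_b $ap_c } inet
```

The gateway choice here depends only on the ingress interface, so the single DHCP server and the client's address play no part in it.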
-
Interesting! :) So basically bridge 3 interfaces together within 1 subnet, use 1 DHCP (no choice if bridged) but then use the interfaces for rules for gateway. ;D
Can anybody here confirm what Reinderien suggested ?
It might take me a bit of time to reproduce; I need to bridge 2 interfaces together (never did that).
Wonder if I can bridge 2 VLANs, need to read up on that also.
okay, before giving up, your suggestion does merit some investigation :)
-
- Do not use multiple LAN subnets; only use one
Access points that support multiple SSIDs generally use VLANs. You can't have the same network on different VLANs.
-
Access points that support multiple SSIDs generally use VLANs. You can't have the same network on different VLANs.
Thanks. That's true, I didn't think about that (Ubiquiti supports 4 SSIDs but they are VLANs)
I have an extra old router that has AP mode (2.4GHz only) that I can plug in and create an interface.
I don't mind buying a few access points if I can make this work! :)
Would it work?
-
Would it work ?
Dunno, and I don't have multiple APs to try. You could try it with one or more cheap APs-on-a-USB-stick.
-
The problem with what he wants is there is no way, short of VLANs, for pfSense to do what he wants. His first problem is having some difference that can be recognized. For example, the MAC address will not change with different SSID, so a DHCP server can't issue a specific IP address. With VLANs, it's a simple matter to have a different address range that can be filtered, but he doesn't want to do that.
-
the MAC address will not change with different SSID
It will if the SSIDs are offered over different interfaces.
-
Since he wants them to be in the same subnet, sooner or later they'll be on the same network/interface. There's no way around that, given he wants multicasts etc. to work.
-
That means the earlier suggestion of reinderien of bridging the interfaces together won't work because you can only have 1 DHCP per bridged interfaces ?
So the only way to achieve this is VLANs, which come with their caveats, such as difficulty having SONOS appliances working across VLANs.
If I want to stick to the same subnet, I have only 2 choices:
- Manually change the IP (Boring…. it's so 90's....)
- Write a little Android App / Win 32 App where I press a button and it switches IP address. At that point, might as well use OpenVPN software. Some VPN providers only allow 1 OpenVPN Tunnel connectivity.
Thank you all for your help & suggestions
-
That means the earlier suggestion of reinderien of bridging the interfaces together won't work because you can only have 1 DHCP per bridged interfaces ?
You can certainly have more than one DHCP server and that's often done for redundancy. However, expecting a DHCP server to know whether you want to use it will not work. When a device makes a DHCP request, any server can respond and generally the first response is used.