Is it possible to create "virtual" WAN interfaces? (not VLANs)
-
Hello everyone!
I am currently running pfSense as an VM inside ESXi and I would like to move it outside of the box, as a standalone machine with a 4x 1Gbps ports card.
Here's my setup to help understand what I am trying to achieve
-
I have a symmetrical 10gig EPON connection provisioned at 1.15gbps and my ONT (modem) has 4x 1 gbps ethernet ports
-
I have multiple LAN VLANs entering my router through 2 physical ports (my main LAN VLAN is alone on port #1, all other LAN VLANs are on trunk port#2)
-
I have 4 DHCP WAN currently setup on 2 physical ports (my main WAN associated to the main LAN is alone on port #3, all 3 other WANs are on port #4).
-
Physical ports #1-2-3 are passthrough from ESXi so 100% managed by pfSense.
-
Physical port #4 is the uplink port of my WAN vSwitch from ESXi, on which I have 3 virtual interfaces assigned to pfSense acting as WAN2-3-4.
Actual question : Is there a way to create virtual interfaces for my WAN2-3-4 so that I can use only 1 physical uplink to my modem for these WANs, just like it is right now in ESXi?
I know that I could create VLANs on the WAN2 physical interface and trunk them to my switch and setup 3 ports in access mode for these 3 VLANs to link to the modem. This will take up 4 ports on my 3560X switch which I would prefer not to.
I would like all for my WAN to link directly to the modem as it is right now. I don't plan on using the onboard port of the new machine as it is a Realtek NIC and I prefer my Intel quad gig card.
Someone mentionned Open vSwitch to me but I can't seem to find much information regarding what I want to do.
Virtual IPs feature is out of the question because I am using DHCP.
No my provider will not provide me a /29 IP block as I am a residential customer, and anyways the price would be outrageous if I were a business customer.
Thanks for your input!
-
-
How would you transport Multi Lan ethernet frames (down the same wire), without encapsulating them with vlan tags ?
A little Ie. D-Link DGS-1100-08 (8-port Vlan capable) costs less than 50$ , is fanless & power effective.
Use such a solution if you want to save on your 3560 ports.Ps: Don't even Consider a TP-Link (VLAN leaking)
PPs: A simple drawing would not be bad here.
/Bingo -
@bingo600 I dont need them to be tagged, I just need a virtual switch with virtual interfaces, exactly like ESXi is providing
-
I'm not sure i even understand your setup.
You want to transport 4 interfaces down one wire wo. tagging ?Look into Firewall -> Virtual IP's , where you can make aliases.
If all you need is multi-ip's on the same IF.If you find my answer useful - Please give the post a š - "thumbs up"
pfSense+ 23.05.1 (ZFS)QOTOM-Q355G4 Quad Lan.
CPUĀ : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
LANĀ : 4 x Intel 211, DiskĀ : 240G SAMSUNG MZ7L3240HCHQ SSD -
@bingo600 said in Is it possible to create "virtual" WAN interfaces? (not VLANs):
Look into Firewall -> Virtual IP's
https://docs.netgate.com/pfsense/en/latest/firewall/virtual-ip-addresses.html?highlight=virtual
-
@bingo600 Unfortunately this is not going to work because it's only for static IP addresses, and my provider is forcing me to use DHCP.
My current setup is :
ESXi host
- pfSense VM
- ethernet ports 1,2,3 : passthrough directly to the pfSense VM
- ethernet port 4 : managed by ESXi as a vSwitch uplink port
- virtual ethernet ports 1-2-3 : created by ESXi on the same vSwitch as ethernet port 4, assigned to the pfSense VM and used as "WAN2" "WAN3" "WAN4"
I would like to retain this type of setup, without using ESXi
And yes, I want to transport 4 interfaces on 1 wire, just like any uplink from a switch to another
-
@vizi0n said in Is it possible to create "virtual" WAN interfaces? (not VLANs):
@bingo600 Unfortunately this is not going to work because it's only for static IP addresses, and my provider is forcing me to use DHCP.
My current setup is :
This is where the drawing would come in handy.
I would like to retain this type of setup, without using ESXi
Understandable.
And yes, I want to transport 4 interfaces on 1 wire, just like any uplink from a switch to another
How would that be possible wo. vlan tagging ?
You even mentions switch & uplink (implies tagging).Edit:
I hear ... : I want to go from 1 physical IF, and "fan out" to 4 physical IF'sDoable with a switch & tagging
-
@bingo600 said in Is it possible to create "virtual" WAN interfaces? (not VLANs):
How would that be possible wo. vlan tagging ?
You even mentions switch & uplink (implies tagging).Well, switching and uplink don't necessarily mean trunk/tagging. By saying "uplink" I simply mean a connection to a cascading switch further up the tree (in this case, to the ethernet switch inside the modem).
If you directly connect a basic switch (no VLAN support, just plain access ports) to a modem, and connect 3 different routers to your switch, they will all obtain IP addresses from the ISP, without any VLAN tagging. It's exactly what I want to achieve, by creating 3 virtual interfaces in pfSense that I could then bridge together with my physical port #4, which would act as an uplink to my modem. Basically, I want pfsense to act a a switch by using a bridge of interfaces that would combine 1 physical IF and 3 virtual IF.
Maybe it's clearer explained this way?
I don't have time for a drawing right now because I'm already in bed but maybe tomorrow if I have some spare time
-
Ahh ... Now i see.
But i doubt you can do that w. pfSense.I think you have either physical interfaces , or vlan tagged interfaces.
