Balancing private WAN links



  • I tried to post this before, and it did not appear to get posted, so if this is double posted, I apologize.

    Hello everyone.  I am hoping that someone in this forum can point me in the correct direction.  I currently have been given the duties of balancing our WAN links between our facilities.  I have been looking into all types of solutions, and then I forgot, why not check out Sourforge!  I did and found pfSense.  I love open source projects and products and started looking into this one.  I downloaded the ISO and started playing with it.  (I most likely will end up buying the appliances, since this is for my employer.  This way that get support with it if I am not around.)

    After playing around with a virtual machine and configuring WAN link balancing, I thought it might be a great solution, except I now think I see a potential problem.  All of the information I have found to balance the links appears to be geared towards balancing ISP connections.  This uses the firewall and gateway groups.  I do not need the firewall portion.  These are all private point to point links between my buildings.  I would like to be able to just route to a gateway group, but this does not appear to be possible.  Is there anyway to route to the the gateway group, instead of applying firewall rules and NAT?



  • Since I see people reading my post, but no replies, let me give you my current WAN configuration and then maybe someone can tell me if pfSense would be able to accomplish what I am looking for.

    Location 1:
    Dedicated private Fiber to Location 2
    Microwave to Location 2
    Metro Ethernet to Location 3
    Microwave to Location 3

    Location 2
    Dedicated private fiber to Location 1
    Microwave to Location 1

    Location 3
    Metro Ethernet to Location 1
    Microwave to Location 1

    What I am trying to accomplish is to try and link the connections from location 1 to locations 2 and locations 3 for at least fail over, ideally fail over and link balancing, but will happily take just the fail over.  I want to be able to then do the same thing at location 2 and location 3 back to location 1.

    1. Can pfSense do this?
    2.  If so, how would I set it up?

    I was thinking that I would need a 5 port (1 LAN 4 WAN) device at location 1 and a 3 port device(1 LAN and 2 WAN) at location 2 and location 3.  I was testing an did find directions on balancing between 2 WAN links, but my issue is I don't want to NAT/firewall the connections.  I am thinking this may cause some issues with traffic.  Location 1 is our main location and all data and VoIP traffic is sent there.  Any help any of you can give me would be greatly appreciated.  I was looking at Barracuda products and a possible FatPipe solution, but would rather support an open source product if I can.

    Thanks



  • I proposed this type of setup myself a couple times on this forum with the same non-existant replies. Every so often I experiment with setup and have yet to find a workable solution to do this without NAT/Firewall enabled.


Log in to reply