Dual Wan and CARP
-
–----------------------------------Internet------------------------------------
l l
l l
DHCP-RR Residential - GW 68.202.0.1 Static - RR Business - GW 67.79.184.106/30
l l
l l
Wan DHCP Address Opt1 (Wan2)67.79.184.106
------------------------------------Trotsky------------------------------------
LAN - 192.168.1.1 Opt2 (DMZ) - 192.168.15.2
l l
Lan - 192.168.1.0/24 DMZ - 192.168.15.0/30My DHCP Gateway doesn't change
DMZ is for Vonage / Linksys WRTP54G ATM @ 192.168.15.3 via DHCP
Lan is for Lan ---- Torrent server on lan subnet @ 192.168.1.200pfsense version is BETA3-PLUS-11548-PLUS-11567
Traffic Shaper is turned off for now.Nat is setup as advanced
Interface Source Source Port Destination Destination Port NAT Address NAT Port Static Port
WAN2 192.168.1.0/24 * * * * * NO
WAN2 192.168.15.0/24 * * * * * NO
WAN 192.168.1.0/24 * * * * * NONat port forwarding is
IF Proto Ext.port range NAT IP Int. port range
WAN UDP 5060-5069 192.168.15.2 5060-5069
(ext. 68.202.3.76)
WAN UDP 10000-20000 192.168.15.2 10000-20000
(ext. 68.202.3.76)
WAN2 TCP 49160-49300 192.168.1.200 49160-49300
(ext. any)WAN Rules - for Vonage - I want all Vonage traffic over this Wan Connection
Proto Source Port Destination Port Gateway- RFC1918 Networks * * * *
UDP * * 192.168.15.2 5060-5069 *
UDP * * 192.168.15.2 10000-20000 *
Wan2 Rules - for Torrent Server - I want all torrent traffic over this Wan connection
Proto Source Port Destination Port Gateway
TCP * * 192.168.1.200 49160-49300 *DMZ Rules -
Proto Source Port Destination Port Gateway
Lan Rules - Lan to DMZ rule is for remote management of Vonage router through 192.168.15.2:8080
Proto Source Port Destination Port Gateway- LAN net * DMZ net * *
- LAN net * * * *
- LAN net * * * 67.79.184.105
I Can't ping the internet from the Vonage ATM - I think this is a DNS Issue
I Can't get connection for the torrent server - Routing Issue?
Any help will be greatly appreciated.Ultimately I want to do load balancing and then carp.
For carp and load balancing , I was thinking that I could:-
Create a 2nd pfsense box = lenin - LAN 192.168.1.2/24
-
a) add a router/gateway @ my DHCP-RR Residential Connection with a LAN side 10.0.0.0/29 subnet
b) set WAN trotsky as 10.0.0.2/29
c) set WAN lenin as 10.0.0.3/29
d) Create a CARP virtual ip as 10.0.0.5/29 -
a) add a router/gateway @ my Static - RR Business Connection with a LAN side 10.0.10.0/29 subnet
b) set WAN2 trotsky as 10.0.10.2/29,
c) set WAN2 lenin as 10.0.10.3/29
d) Create a CARP virtual ip as 10.0.10.5/29 -
a) expand the DHCP addressing for the 192.168.15.0/30 subnet to 192.168.15.0/29
b) Create a CARP virtual ip - 192.168.15.6/29
c) configure the dhcp server on that subnet to gateway to 192.168.15.6 -
a)add CARP virtual ip - 192.168.1.254/24
b)Change the DHCP Server gateway for the LAN/192.168.1.0/24 subnet from 192.168.1.1 to 192.168.1.254 -
Create a new load balancer pool
LOAD = LAN Interface = 192.168.1.254 ---- Gateway to monitor = 10.0.0.5
LAN Interface = 192.168.1.254 ---- Gateway to monitor = 10.0.10.5 -
Add new LAN rule
Proto Source Port Destination Port Gateway
- LAN net * * * LOAD
- a) Set trotsky as CARP Master - sync everything
b) sync over LAN subnet
With the results to look like .......
-----------------------------------------------------------------Internet----------------------------------------------------------------- l l
l l
DHCP-RR Residential - GW 68.202.0.1 Static - RR Business - GW 67.79.184.106/30
l l
l l
DHCP Address 67.79.184.106
router / gateway1 router / gateway2
10.0.0.1/29 10.0.10.1/29
l \ / l
l \ / l
l \ ______________________________________________ / l
l ____________________________________l/ l
l l l l
WAN - 10.0.0.2 WAN2 - 10.0.10.2 WAN - 10.0.0.3 WAN2 - 10.0.10.3
Virtual IP - 10.0.0.5 Virtual IP - 10.0.10.5 Virtual IP - 10.0.0.5 Virtual IP - 10.0.10.5
------------------------------------Trotsky------------------------------------ ------------------------------------Lenin------------------------------------ LAN - 192.168.1.1 Opt2 (DMZ) - 192.168.15.2 LAN - 192.168.1.2 Opt2 (DMZ) - 192.168.15.3
l l l l
Lan - 192.168.1.0/24 DMZ - 192.168.15.0/29 LAN - 192.168.1.0/24 DMX - 192.168.15.0/29
- RFC1918 Networks * * * *
-
I got my Vonage to work….. I had and error in my NAT table
Interface Source Source Port Destination Destination Port NAT Address NAT Port Static Port
WAN2 192.168.1.0/24 * * * * * NO
--->WAN2 192.168.15.0/24 * * * * * NO <------ Should of been to WAN interface.....
WAN 192.168.1.0/24 * * * * * NOVonage provised and all
-
Now I Feel Like a big jerk…... when I switched networks, never bothered to change my gateway on my bittorent server. just a simple route del / route add, and the packets are flying........
Everything is flying down the right paths and which is nice, I think I can do just fine right now with what I have, not bad for my houseBTW..... this is a wonderful project. Keep up the good work. If you every need a half wit like me to beta test I will...... just be warned RTM is going to be my first tatoo