Two WAN on two interfaces - same public range



  • Hello,

    I'm trying to set up the following scenario with these “tools”:

    • pfSense server with 8 (1 Gb) ports
    • a 1 Gbps up/down connection
    • a range of 62 public IPs
    • an ISP-provided switch with 8 Gb ports (working for that 62 range)

    I would like to have for example LAN1 and LAN2 go to WAN1 which has a static IP from the public range and has an interface on the pfSense server

    and then

    LAN3 and LAN4 go to WAN2 which has another static IP from that same public range and uses a different interface on the same pfSense server.

    The first part I have working just fine, but when I try adding the WAN2 interface I get an error:

    The following input errors were detected:
    • IPv4 address xxx.xxx.xxx.xx/26 is being used by or overlaps with: WAN (xxx.xxx.xxx.xx/26)

    What am I doing wrong? Do I have to subnet the public range so I can have multiple WAN interfaces – and lose a few IPs? I’m not doing failovers atm.

    Does it even make sense to do it that way? I want to do it that way to optimize performance on the networks since both my pfSense and ISP-provided switch have 8 ports. So I thought instead of having one WAN interface why not have two and “balance” the load manually.

    Sorry if this was already answered on the forum, usually the “dual wan” setup is for failovers.

    Cheers!



  • Now that I think about it… it is logical that I have to subnet it. Just because it is a WAN interface I didn't think that something that simple could interfere with my plan.

    Am I right? Does my plan for better performance with two WAN interfaces and two cables make sense even at the cost of a few lost IPs due to subnetting?

    Thanks
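
Added example, not part of the thread: a Python sketch of the kind of overlap check behind the error quoted in the first post, plus the address cost of splitting a /26 as the second post considers. The 203.0.113.0/26 block (a documentation range), the interface addresses and the function names are constructed for illustration; this is not pfSense's own code.

```python
import ipaddress

def find_overlaps(interfaces):
    """Return (name_a, name_b) pairs whose configured subnets overlap."""
    nets = {name: ipaddress.ip_interface(cidr).network
            for name, cidr in interfaces.items()}
    names = sorted(nets)
    return [(a, b)
            for i, a in enumerate(names)
            for b in names[i + 1:]
            if nets[a].overlaps(nets[b])]

def usable(net):
    """Count host addresses (network and broadcast addresses excluded)."""
    return sum(1 for _ in net.hosts())

def split_cost(block, new_prefix):
    """Split block into equal subnets; return (subnets, usable addresses lost)."""
    parent = ipaddress.ip_network(block)
    subnets = list(parent.subnets(new_prefix=new_prefix))
    lost = usable(parent) - sum(usable(s) for s in subnets)
    return subnets, lost

# Constructed sample: two WAN interfaces addressed out of the same /26.
SAME_RANGE = {"WAN": "203.0.113.2/26", "WAN2": "203.0.113.3/26"}
# Constructed sample: the same block split into two /27 halves.
SPLIT = {"WAN": "203.0.113.2/27", "WAN2": "203.0.113.34/27"}

if __name__ == "__main__":
    print("same /26 :", find_overlaps(SAME_RANGE))   # overlap reported
    print("two /27s :", find_overlaps(SPLIT))        # no overlap
    subnets, lost = split_cost("203.0.113.0/26", 27)
    for s in subnets:
        print(s, "usable:", usable(s))
    print("usable addresses lost by splitting:", lost)
```

Splitting removes the overlap on paper, but the ISP's gateway address sits in only one of the two halves, so the second half is reachable only if the ISP routes it accordingly.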



  • How are you going to get better performance?  Your line speed is fixed and likely an order of magnitude slower than your NICs.  Having multiple WANs on the same wire just means they'll all be fighting each other for bandwidth.  Usually you have multi-WAN with multiple ISPs.


  • Rebel Alliance Global Moderator

    ^ exactly..

    So I read this
    -  a 1 Gbps up/down connection

    Meaning you only have 1 Gbps from your ISP.. Doesn't matter if you have 1000 IPs or 48 port switch they allow you to connect with.  So it's completely pointless really to have more than 1 connection, other than say failover.  Which you could do with a lagg setup to the switch.

    So set up your IPs via VIPs and control in/out that way if you want.



  • First of all, thank you for the quick reply.

    Secondly, I do know that more IPs and/or ports won’t make my bandwidth better :). When I was thinking about performance I had something different in mind.

    On the first set of LANs I have around 140 users, and on the other set of LANs around 130 – so I was thinking purely on performance as in computing power of the NICs. As in – it is easier for two NICs to handle 130+- users each, instead of one handling 260+-. I know that most of the hard work is done by the server’s CPU but there is still some done by the outgoing WAN NIC when communicating with the Internet.

    Maybe I’m overthinking it and the mere 250+- users accessing the Internet is nothing for my WAN NIC.

    Cheers


  • Rebel Alliance Global Moderator

    Why would the number of users matter??  It matters how much bandwidth their sessions are pushing..  While yes at some point the number of sessions could come into play.  That is not going to be your issue.  Your ISP limits you to 1 gig.. Connecting multiple devices because they gave you a switch is not going to get you above 1 gig..  If you think that is the case, give it a try: connect multiple devices and load them all up. Do you get 2gig, 3gig, 4gig all the way up to the number of your ports?