Help with multi-LAN



  • Hi good day to everyone! Thank you for taking time to read my post!

    I am a newbie at pfsense. Right now my setup is that my DHCP server is on ccboot, and firewall rules, WiFi etc. are handled by pfsense on a VMware virtual machine.
    I have 77 computers connected to my server, and I use 4 NICs for ccboot. My question is: to achieve optimal performance of internet bandwidth for the 77 client PCs, do I need to also have 4 LAN interfaces on pfsense? Or is it fine that my setup only has 1 NIC for the LAN interface?

    I'm really a newbie, pls help guys, thx!



  • What is a ccboot?

    What is the bandwidth of the Internet service?

    I'm assuming pfSense has 1 interface for WAN (Internet) and 1 interface for LAN?


  • Rebel Alliance Global Moderator

    Have to guess he is talking about http://www.ccboot.com/

    It's a system for PXE boot from my take on it.. Thin client sort of thing.. That he boots his machines from I would take it.  This really has zero to do with pfsense.

    Why do you have 4 interfaces on your ccboot server would be my question.. Guessing you have them in a LAGG? to have more bandwidth to all the machines?  Pfsense has nothing to do with lan traffic.. Pfsense is a gateway off a lan to the wan/internet so unless you are routing between your lans pfsense has no need of more interfaces.

    So more details of your switching infrastructure and we could discuss how to optimize that if possible.



  • Hello, thank you for replying! Sorry if I'm a big newbie hehe…
    Yes, ccboot is for PXE boot so that client computers don't need a hard disk. It has four NICs because the server acts as the hard disk for all clients; all clients can play a game even if you only install it on the server. The server creates an image of the HDD as if the clients have hard disks, and clients get this through the NICs. If I use only one NIC, the games on the clients lag. And yes, it has nothing to do with pfsense, I just mentioned it because it handles my DHCP, I don't know if that would matter hehehe. Anyway, my pfsense setup is 5 NICs for:
    1. wan
    2. lan
    3. wan2
    4. wifi with captive portal
    5. wifi without captive portal

    wan is for internet access for ports that have something to do with browsing, e.g. port 80. this has 100mbps
    wan2 is for gaming, it's fiber 50mbps

    firewall rules
    all ports that have to do with internet browsing go to wan2 but limited to 60mbps (limiter has no mask)
    wifi can access all ports but limited to 20mbps (no mask)
    wifi2 same with wifi
    wan2 can access all ports but limited to 512kbps per client (with mask)

    this is my setup so that even if someone streams a video or downloads something the online games won't be affected.

    my question is, if all data is handled by one NIC (LAN Interface), won't that NIC become a bottleneck? I hope I make sense, thank you again...


  • Rebel Alliance Global Moderator

    The only traffic that would go to the LAN interface is traffic from devices on LAN wanting to go to the internet or wifi?  Or traffic from wifi to the LAN

    Devices on lan talking to other devices never talk to the lan interface..  If limiting wan connectivity to 60mbps how would that interface be "bottlenecked" unless it was a 10mbps interface?



  • Lan interface is connected to a switch (mother switch), then that switch is connected to other switches, then those switches are finally connected to the client computers. So it's OK to have only 1 NIC for the lan interface because it only communicates with the mother switch?

    I didn't limit the wan itself. I created an alias for a list of ports (80, 8080 etc.), I then created a limiter in traffic shaping for upload and download (dl - 60mbps, ul - 30mbps) and then finally created a firewall rule at lan and put my limiter on the in/out option at advanced.

    the left 40mbps internet bandwidth download I split in two for wifi 1 and wifi2… 20mbps each, except this time their firewall rules are not restricted to any ports...