Sharing ethernet line with dedicated pipe for each company
I have a client installing a 100/100 ethernet line. They have another company on site that wants dedicated 20mb and another couple of companies that would happily share another 20mb between them. So, I would like to install 2 PFSense boxes that have HA failover, that can then give one dedicated IP the full 20, another two dedicated IP's a share of another 20mb and then another 2 IP's for my client with the rest (60mb).
I have no idea where to begin! I am used to pushing out pfsense with standard NAT or multiwan with NAT. I assume I have one WAN with 3 IP's (for carp) and one LAN (3 WAN IP's for HA) and then traffic shape against the IP's I give to each tenant?
What method should I use for the bandwidth restrictions?
<Edit> Uploaded a picture
Do you need those 4 routers at the bottom or could you get away with each client just being on their own subnet ?
Not sure why you need the two routers doing HA as there is only a single ISP router.
Also how many public IP addresses are you receiving ?
Yeah why not just use 1 pfsense, put your different companies on different networks and then just limit bandwidth or better just rate limit them at the switch level.