setting up 2 Internets coming from 2 mikrotiks to 1 pfsense box with 2 nics and unmanaged switch



  • So I'm setting up this Dell OptiPlex as a pfSense box. It had 1 Ethernet port, but I bought a second one for it and installed it. I also got an unmanaged switch. Now when I connect the 2 MikroTik cables to the switch, connect the switch to 1 of the Ethernet ports and set up 2 VLANs, I cannot connect to the ISP after setting up each VLAN as a PPPoE interface and spoofing the MAC. So my question is: how am I supposed to do this? I also need a cable going out from the pfSense box to a DDWRT wifi router that I will use for the house.
    Thanks in advance for the help.



  • pfSense? MikroTik? DDWRT? Perhaps you'd better include a sketch, so we know what you're talking about. Also, where are you setting up the VLANs? What is their purpose in this situation?


  • Rebel Alliance Global Moderator

    If you want to do vlans you need a vlan capable switch... Or you need different physical switch for each vlan.



  • @johnpoz said in setting up 2 Internets coming from 2 mikrotiks to 1 pfsense box with 2 nics and unmanaged switch:

    If you want to do vlans you need a vlan capable switch... Or you need different physical switch for each vlan.

    Is it possible to make this setup happen with 2 NICs and 1 unmanaged switch? In other terms, is it possible to plug this switch into 1 NIC and plug 1 PPPoE cable into it and use one of its ports as a LAN port for the wifi router?



  • @rain-0 said in setting up 2 Internets coming from 2 mikrotiks to 1 pfsense box with 2 nics and unmanaged switch:

    @johnpoz said in setting up 2 Internets coming from 2 mikrotiks to 1 pfsense box with 2 nics and unmanaged switch:

    If you want to do vlans you need a vlan capable switch... Or you need different physical switch for each vlan.

    Is it possible to make this setup happen with 2 NICs and 1 unmanaged switch? In other terms, is it possible to plug this switch into 1 NIC and plug 1 PPPoE cable into it and use one of its ports as a LAN port for the wifi router?

    We really need to know more about what you're doing. VLANs are typically used to create logically separate networks. In order to create a VLAN in that situation, you need a managed switch. Unmanaged switches can pass VLANs, but you still need to configure them elsewhere, such as at a router or on individual computers. Given that you're now talking about 2 NICs, I assume you're talking about the WAN side of this. In this case, you'd have 2 interfaces to configure. Same with VLANs, except one would be the VLAN. However, you'd still need some way to create the VLANs. However, without further info, I'm just guessing at what you're trying to do.



  • @jknott Hmm, I'll re-explain and try to be more clear. I have 2 NICs in my box and I have an unmanaged switch. I have 2 internet connections, each coming in on a separate cable. I want to load balance them so I can get faster speeds when downloading large files. How can I achieve this with the hardware I have if I also want a cable out of the box into a wifi router that serves wifi inside the house?


  • Rebel Alliance Global Moderator

    @rain-0 said in setting up 2 Internets coming from 2 mikrotiks to 1 pfsense box with 2 nics and unmanaged switch:

    so I can get faster speeds when downloading large files.

    It doesn't work that way.. Are you going to be doing multiple sessions like over torrents/p2p or downloading a large file over a server that would be via 1 session?

    Where did you learn the term vlan? I am guessing you don't actually understand what it means or how it is accomplished.

    Sounds like you have 1 switch with 2 nics and want at min 3 different networks. Trying to run multiple tagged vlans over a dumb switch is just plain borked.. Trying to run multiple layer 3 on the same layer 2 is borked..

    If you want to run 3 different networks over a switch that connect to 2 physical nics on your router then get a vlan capable switch - Period, end of story.. Talking about "what" could be done in some jury rigged hacked up BORKED config is beyond the scope of what should be discussed. If you want to talk what "can" actually be done and works techy wise over a few beers and your tech buddies have at it. But suggesting such stuff here where 100's if not 1000's of new users and not so techy users read is just plain bad practice.

    It comes down to these basic facts - if you want to use vlans, then you need a switching infrastructure that understands and supports the tags.. Talking about what current modern dumb switches do or don't do with the tags is not the point..

    You have 2 internet connections, you have hardware to run pfsense on, you clearly must have multiple devices behind this router, etc. You can afford a freaking $30 switch that can do vlans correctly.

    Come back when you have either a smart switch that can do vlans, or get another nic in your router if you want to run 3 different networks.

    That all being said - you're not going to see faster downloads over 2 internet connections downloading http://whatever.com/file.zip



  • @johnpoz thank you for the super passive aggressive reply. When it comes to this place or the Arch Linux forums people decide to be just plain pricks. Get your act together and thanks once again



  • I don't want to be super passive aggressive, but I have to agree with johnpoz. You can't just connect 2 ISP connections and expect to get load balancing. As stated above, you need multiple users to get balancing. One user would be over one connection and the next over the other. The more users you have, the closer you can get to balanced traffic over the 2 links. One other consideration is that unless you're properly configured for this sort of thing, the 2 ISPs will provide different addresses, which rules out sharing traffic between the 2 for balancing. If you were to set up load balancing properly, you'd need to use a method that balances the traffic. Look up redundancy protocols. You'd also have your own IP address block, which both ISPs can route to.

    Stop and think a moment about what you're trying to do. With TCP, a connection is set up between 2 addresses. If you have 2 routers on different ISPs, those routers will have different addresses. Now, when you try to send packets from that TCP connection, what will be the source address? If you try to send alternately between the 2 routers, half the packets will have the wrong source address for that TCP connection, which means it will fail.

    With redundancy protocols, virtual routers are created, so that no matter which path is taken, they still have the same address. They will also use virtual MAC addresses, so that a computer behind them has no idea which router is used. It's just transparent. One method used to balance the load is for the ARP requests to return a different MAC address for the same IP, so that each user can be assigned to one of the available routers. So, first user gets the first router, 2nd gets the 2nd, etc. The more users, the better they're distributed over the available links and the better the overall load is balanced. Another method, which could work with more than one ISP is to simply hand out different router IP addresses, so that a user will always use the same router.

    As you can see, load balancing is more than just connecting multiple ISPs to a router.

    Here's some info:
    Virtual Router Redundancy Protocol
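
The point made in the post above, that alternating one TCP connection's packets between two ISPs breaks it while pinning each connection to one link works, shown as an added Python example (not part of the original thread). The WAN addresses, client flows and the simplified `Server` model are constructed assumptions.

```python
from itertools import cycle

# Constructed sample WAN addresses (documentation ranges), one per ISP.
WANS = {"wan1": "198.51.100.10", "wan2": "203.0.113.20"}

class Server:
    """Remote TCP endpoint: the connection is bound to the first source seen."""
    def __init__(self):
        self.peer = None

    def receive(self, src_ip, src_port):
        if self.peer is None:              # first packet establishes the peer
            self.peer = (src_ip, src_port)
        return self.peer == (src_ip, src_port)

def per_packet(n_packets, src_port=40000):
    """Alternate every packet of ONE connection between the two WANs."""
    server, rr = Server(), cycle(WANS.values())
    # Packets leaving via the other ISP carry a different NAT source address.
    return sum(server.receive(next(rr), src_port) for _ in range(n_packets))

def per_flow(flows, n_packets):
    """Give each new connection the next WAN and keep it there (state table)."""
    rr, state, servers, accepted = cycle(sorted(WANS)), {}, {}, 0
    for _ in range(n_packets):             # packets of all flows interleaved
        for flow in flows:
            if flow not in state:          # first packet picks the gateway
                state[flow] = next(rr)
                servers[flow] = Server()
            accepted += servers[flow].receive(WANS[state[flow]], flow[1])
    return accepted, state

if __name__ == "__main__":
    # Constructed LAN clients: (client_ip, client_port)
    flows = [("192.168.1.%d" % (10 + i), 40001 + i) for i in range(4)]
    print("per-packet, 1 flow :", per_packet(10), "of 10 packets accepted")
    print("per-flow, 1 flow   :", per_flow(flows[:1], 10))
    print("per-flow, 4 flows  :", per_flow(flows, 10))
```

A single download is one flow, so it stays on one WAN at that link's speed; only several concurrent flows spread across both.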


  • Netgate Administrator

    @rain-0 said in setting up 2 Internets coming from 2 mikrotiks to 1 pfsense box with 2 nics and unmanaged switch:

    @johnpoz thank you for the super passive aggressive reply. When it comes to this place or the Arch Linux forums people decide to be just plain pricks. Get your act together and thanks once again

    There's no need for this. Johnpoz is trying to help.



  • The simple answer to your question bro is you cannot do this with the switch you have. You need at least a L2 managed switch to do this the right way. 2 WAN links will not double your bandwidth either. What you have been told (as far as I know) is completely correct. JohnP might be abrasive but he is correct from a technical perspective. For a cheap managed switch stay away from Trendnet. I don't think they handle vlans properly. For a consumer grade switch, a Netgear or a Dlink will do. Personally, depending on what your internal requirements are, a used Cisco Catalyst or an Adtran Netvanta would work wonders. But the others would work too...

    Good day to you.
    ACL



  • @aclouden said in setting up 2 Internets coming from 2 mikrotiks to 1 pfsense box with 2 nics and unmanaged switch:

    For a cheap managed switch stay away from Trendnet

    I don't know about Trendnet, but that's certainly the case with TP-Link.


  • Rebel Alliance Developer Netgate

    @jknott said in setting up 2 Internets coming from 2 mikrotiks to 1 pfsense box with 2 nics and unmanaged switch:

    @aclouden said in setting up 2 Internets coming from 2 mikrotiks to 1 pfsense box with 2 nics and unmanaged switch:

    For a cheap managed switch stay away from Trendnet
    I don't know about Trendnet, but that's certainly the case with TP-Link.

    That isn't universal, though. The low-end/cheap TP-Links can be iffy, there is a long thread about how they suck, but the 1Us like the TL-SG2216 or the T1600G-28TS/TL-SG2424 have been great in my experience.



  • @jimp

    Perhaps, but I'll still avoid TP-Link entirely, as they clearly have some incompetent people. Perhaps if enough people discuss this problem they'll hear about it and get the message.


  • Netgate

    When you can get a Brocade ICX6430-24 on eBay for $75 I have no idea why anyone would buy anything less at the gigabit level.



  • Sorry guys.. I meant the TP-Link devices..... My bad...


 
