Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Where does pfSense fit into the SD-WAN market?

    Scheduled Pinned Locked Moved General pfSense Questions
    24 Posts 12 Posters 28.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JKnottJ
      JKnott @johnpoz
      last edited by

      @johnpoz said in Where does pfSense fit into the SD-WAN market?:

      It gives any Joe the ability to think they know networking

      hahaha - good one..

      I can top that. A few years ago, one customer thought she knew more about networks than I did, because her husband had read some magazines. She was upset because I had connected my computer to the switch with CAT5 cable, after we had run in CAT6. She thought it would slow everything down!

      PfSense running on Qotom mini PC
      i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
      UniFi AC-Lite access point

      I haven't lost my mind. It's around here...somewhere...

      1 Reply Last reply Reply Quote 0
      • R
        rcoleman-netgate Netgate @pimpmyrouter
        last edited by

        @pimpmyrouter said in Where does pfSense fit into the SD-WAN market?:

        I've just received the hardware for a SW-WAN service. It looks like a rebadged SG-5100 and this triggers me a little as it will sit next to my own SG-5100 as an extra single point of failure!

        We're not an OEM so that is likely from our partner Lanner.

        Ryan
        Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
        Requesting firmware for your Netgate device? https://go.netgate.com
        Switching: Mikrotik, Netgear, Extreme
        Wireless: Aruba, Ubiquiti

        1 Reply Last reply Reply Quote 1
        • P
          pimpmyrouter
          last edited by

          Having had a SD-WAN service for 6 months, I'll summarise it...

          This is a service that sits in front on my pfSense. There's one primary public facing IP address which the SD-WAN provider manages. We have 2x standard FTTC connections and one standby 4G connection, all feeding via modems into an aggregation box that the provider gave us, that is the same hardware as a SG-5100. Each connection could in extremis be fed into my SG-5100 with its own publicly addressable IP address if the provider fell down. Essentially, the provider tunnels all data from the primary IP address to their box over the 2 FTTC connections, doubling the max throughput for one connection to about 140mbps. There's some QoS magic but the packets just arrive.

          So what we get is double the throughput (not the same as load balanced WANs which can't use both connections for the same download), failover resilience, and above all a consistent external IP address for our OpenVPN server, independently of which physical last mile connections are active.

          I have no doubt it would be technically feasible to run our client end on the same SG-5100 unit under a pfSense package, and that would reduce the power consumption and potential for failure, but (a) that's unlikely, and (b) you'd still need a very redundant and resilient gateway somewhere else to create these tunnels.

          So pfSense can't really compete, unless something else was running the external gateway ...such as Cloudflare Tunnels.

          M 1 Reply Last reply Reply Quote 1
          • M
            michmoor LAYER 8 Rebel Alliance @pimpmyrouter
            last edited by

            @pimpmyrouter Yep agreed.
            SDWAN and Multi-WAN(with tiers) just isnt the same thing.
            But i dont think pfSense is meant to be in the SD space anyway.

            Firewall: NetGate,Palo Alto-VM,Juniper SRX
            Routing: Juniper, Arista, Cisco
            Switching: Juniper, Arista, Cisco
            Wireless: Unifi, Aruba IAP
            JNCIP,CCNP Enterprise

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.