Routing for Cogent



  • I am switching my pfSense from a /28 from Centurylink to a /28 from Cogent.

    With Centurylink, it's simple: the first host of my /28 is provided by CL and is my gateway for the remainder of the hosts. All I need to do is assign pfSense an IP and a gateway, and it works! Centurylink Example:
    Network: 55.55.55.0/28
    GW: 55.55.55.1 (provided by CL upstream on a Cisco device)
    Remaining hosts: 55.55.55.2-55.55.55.14

    Moving to Cogent, they have assigned my Router a /29 and my clients a /28:
    Connected Address Block: 38.38.38.56/29
    Cogent Router port IP/Gateway: 38.38.38.57
    Customer Router Port IP: 38.38.38.58

    Cogent Assigned IP Block : 38.47.47.32/28

    I'm pretty sure I that if I assign the pfSense WAN an IP of: 38.38.38.58 and a GW of: 38.38.38.57 then my LAN will have access to the internet.

    Question #1 is: How do I use the remaining IP address? Can I simply add Virtual IP/Alias?

    Question #2 is: Can I provision a pfSense with WAN an IP of: 38.38.38.58 and a GW of: 38.38.38.57, then set up the LAN as 38.47.47.33/28 and then provision other pfSense(s) on 38.47.47.34-38.47.47.46, each with their own LAN?



  • @unsichtbarre #1 yes and #2 yes, not just pfsenses, also hosts with internet services in a dmz, filtered by pf rules as needed.



  • @netblues Thanks!

    If #2, how do I enable generic (forward all traffic) downstream routing to the pfSenses 38.47.47.34-38.47.47.46?



  • @unsichtbarre You don't. Your isp has routed the /28 behind 38.38.38.58
    Just put firewall rules, as usual.

    Downstream pfsenses will have 47.33 as default gw. (and nat any traffic behind them)

    p



  • @netblues Awesome!
    I get a few more IPs than I had with CL!



  • @netblues thank you this was very helpful!


Log in to reply