Routing for Cogent
-
I am switching my pfSense from a /28 from Centurylink to a /28 from Cogent.
With Centurylink, it's simple: the first host of my /28 is provided by CL and is my gateway for the remainder of the hosts. All I need to do is assign pfSense an IP and a gateway, and it works! Centurylink Example:
Network: 55.55.55.0/28
GW: 55.55.55.1 (provided by CL upstream on a Cisco device)
Remaining hosts: 55.55.55.2-55.55.55.14Moving to Cogent, they have assigned my Router a /29 and my clients a /28:
Connected Address Block: 38.38.38.56/29
Cogent Router port IP/Gateway: 38.38.38.57
Customer Router Port IP: 38.38.38.58Cogent Assigned IP Block : 38.47.47.32/28
I'm pretty sure I that if I assign the pfSense WAN an IP of: 38.38.38.58 and a GW of: 38.38.38.57 then my LAN will have access to the internet.
Question #1 is: How do I use the remaining IP address? Can I simply add Virtual IP/Alias?
Question #2 is: Can I provision a pfSense with WAN an IP of: 38.38.38.58 and a GW of: 38.38.38.57, then set up the LAN as 38.47.47.33/28 and then provision other pfSense(s) on 38.47.47.34-38.47.47.46, each with their own LAN?
-
@unsichtbarre #1 yes and #2 yes, not just pfsenses, also hosts with internet services in a dmz, filtered by pf rules as needed.
-
@netblues Thanks!
If #2, how do I enable generic (forward all traffic) downstream routing to the pfSenses 38.47.47.34-38.47.47.46?
-
@unsichtbarre You don't. Your isp has routed the /28 behind 38.38.38.58
Just put firewall rules, as usual.Downstream pfsenses will have 47.33 as default gw. (and nat any traffic behind them)
p
-
@netblues Awesome!
I get a few more IPs than I had with CL!
-
@netblues thank you this was very helpful!
