Is it possible to create "virtual" WAN interfaces? (not VLANs)


  • Hello everyone!

    I am currently running pfSense as a VM inside ESXi and I would like to move it outside of the box, as a standalone machine with a 4x 1Gbps ports card.

    Here's my setup to help understand what I am trying to achieve

    • I have a symmetrical 10gig EPON connection provisioned at 1.15 Gbps and my ONT (modem) has 4x 1 Gbps Ethernet ports

    • I have multiple LAN VLANs entering my router through 2 physical ports (my main LAN VLAN is alone on port #1, all other LAN VLANs are on trunk port#2)

    • I have 4 DHCP WANs currently set up on 2 physical ports (my main WAN associated to the main LAN is alone on port #3, all 3 other WANs are on port #4).

    • Physical ports #1-2-3 are passthrough from ESXi so 100% managed by pfSense.

    • Physical port #4 is the uplink port of my WAN vSwitch from ESXi, on which I have 3 virtual interfaces assigned to pfSense acting as WAN2-3-4.


    Actual question : Is there a way to create virtual interfaces for my WAN2-3-4 so that I can use only 1 physical uplink to my modem for these WANs, just like it is right now in ESXi?

    I know that I could create VLANs on the WAN2 physical interface and trunk them to my switch and set up 3 ports in access mode for these 3 VLANs to link to the modem. This will take up 4 ports on my 3560X switch which I would prefer not to.

    I would like all of my WANs to link directly to the modem as it is right now. I don't plan on using the onboard port of the new machine as it is a Realtek NIC and I prefer my Intel quad gig card.

    Someone mentioned Open vSwitch to me but I can't seem to find much information regarding what I want to do.

    Virtual IPs feature is out of the question because I am using DHCP.

    No, my provider will not provide me a /29 IP block as I am a residential customer, and anyways the price would be outrageous if I were a business customer.

    Thanks for your input!


  • @vizi0n

    How would you transport multi-LAN Ethernet frames (down the same wire) without encapsulating them with VLAN tags?

    A little i.e. D-Link DGS-1100-08 (8-port VLAN capable) costs less than 50$, is fanless & power effective.
    Use such a solution if you want to save on your 3560 ports.

    PS: Don't even consider a TP-Link (VLAN leaking)

    PPS: A simple drawing would not be bad here.
    /Bingo


  • @bingo600 I don't need them to be tagged, I just need a virtual switch with virtual interfaces, exactly like ESXi is providing.


  • @vizi0n

    I'm not sure I even understand your setup.
    You want to transport 4 interfaces down one wire wo. tagging?

    Look into Firewall -> Virtual IPs, where you can make aliases.
    If all you need is multi-IPs on the same IF.



  • @bingo600 Unfortunately this is not going to work because it's only for static IP addresses, and my provider is forcing me to use DHCP.

    My current setup is :

    ESXi host

    • pfSense VM
    • ethernet ports 1,2,3 : passthrough directly to the pfSense VM
    • ethernet port 4 : managed by ESXi as a vSwitch uplink port
    • virtual ethernet ports 1-2-3 : created by ESXi on the same vSwitch as ethernet port 4, assigned to the pfSense VM and used as "WAN2" "WAN3" "WAN4"

    I would like to retain this type of setup, without using ESXi

    And yes, I want to transport 4 interfaces on 1 wire, just like any uplink from a switch to another


  • @vizi0n said in Is it possible to create "virtual" WAN interfaces? (not VLANs):

    @bingo600 Unfortunately this is not going to work because it's only for static IP addresses, and my provider is forcing me to use DHCP.

    My current setup is :

    This is where the drawing would come in handy.

    I would like to retain this type of setup, without using ESXi

    Understandable.

    And yes, I want to transport 4 interfaces on 1 wire, just like any uplink from a switch to another

    How would that be possible wo. VLAN tagging?
    You even mention switch & uplink (implies tagging).

    Edit:
    I hear ...: I want to go from 1 physical IF, and "fan out" to 4 physical IFs

    Doable with a switch & tagging


  • @bingo600 said in Is it possible to create "virtual" WAN interfaces? (not VLANs):

    How would that be possible wo. VLAN tagging?
    You even mention switch & uplink (implies tagging).

    Well, switching and uplink don't necessarily mean trunk/tagging. By saying "uplink" I simply mean a connection to a cascading switch further up the tree (in this case, to the ethernet switch inside the modem).

    If you directly connect a basic switch (no VLAN support, just plain access ports) to a modem, and connect 3 different routers to your switch, they will all obtain IP addresses from the ISP, without any VLAN tagging. It's exactly what I want to achieve, by creating 3 virtual interfaces in pfSense that I could then bridge together with my physical port #4, which would act as an uplink to my modem. Basically, I want pfSense to act as a switch by using a bridge of interfaces that would combine 1 physical IF and 3 virtual IFs.

    Maybe it's clearer explained this way?

    I don't have time for a drawing right now because I'm already in bed but maybe tomorrow if I have some spare time


  • @vizi0n

    Ahh ... Now I see.
    But I doubt you can do that w. pfSense.

    I think you have either physical interfaces, or VLAN tagged interfaces.