Using MultiWAN from the same ISP
-
Hello community, newbie here!
I'm in current situation:
- ISP Fiber Modem with 2,5 Gb available (4 ports 1Gb each)
- pfSense WAN to the modem with 1Gb cable
So my clients, behind pfSense, can use only 1Gb
My idea (maybe wrong) is use a MultiWAN on pfSense to double the bandwidth at least at 2Gb.
So I tried to add a new interface WAN2 to pfSense but I got the following error:
WAN2 IPv4 address 192.168.1.5/24 is being used by or overlaps with: WAN (192.168.1.7/24)I know that MultiWAN should be used with 2 different network/ISP, but I have only one :)
I tried to add a WAN2 with DHCP request from modem, and this time I got no error. DHCP release an IP from the same network (192.168.1.10) but currently is not working as I got:
Is there anything I can do to use MultiWAN from 2 interfaces coming from the same network?
Thank you
Lucas -
@lucas-rey
It cannot work this way. Multi-WAN needs to have different subnets and gateways on each.If your modem is capable to bound NICs you can do that to double throughput.
-
@lucas-rey said in Using MultiWAN from the same ISP:
ISP Fiber Modem with 2,5 Gb available (4 ports 1Gb each)
ask them for a modem that has multi-gig ports so you can attach a single device at 2.5gbE
-
Modem is provided by ISP and it's the "poor" ZTE H388XF.
It doesn't have 2,5Gb port/s and I cannot ask for a replacement, then it has a very basic config, so no nick bound.I still don't understand why the ISP (the 1st one in Italy) is providing 2,5Gb fiber, with a modem that can't handle such speed on a single port.
So, to recap, there is nothing I can do, at least with pfSense. But maybe I can do something with proxmox, where pfSense is running......
-
@lucas-rey said in Using MultiWAN from the same ISP:
So, to recap, there is nothing I can do
you could put a cheap router in between 1 of the ports to do double-nat. but that is not an ideal situation
-
@heper said in Using MultiWAN from the same ISP:
you could put a cheap router in between 1 of the ports to do double-nat. but that is not an ideal situation
Agree, not so good. Anyway, what I can do is instantiate a new pfSense VM who will nat the second WAN to present at the first pfSense VM.
Something like:
So, pfSense2 will only nat to pfSense1Let's try, a new VM doesn't cost so much to me
-
@lucas-rey yea that should also work fine if you have enough interfaces on your hypervisor
-
@lucas-rey Iโd get rid of the modem or look at putting them into bridge mode if you can.
At least youโd be able to have two working WAN interfaces, then maybe you could policy route traffic out both wan interfaces based on firewall rules.
-
@nogbadthebad said in Using MultiWAN from the same ISP:
Iโd get rid of the modems or look at putting them into bridge mode if you can.
Nope, as I wrote, the ZTE modem provided by ISP allow only a few basic settings. So only way I believe is the above one.
Waiting for a modem with 2,5Gb ports. Hopefully next upgrade will be 10Gb with new modem provided by ISP.
Anyway, I'll be in the same boat, 2,5Gb ports with 10Gb fiber
-
This post is deleted! -
Aaaaaand... finally I got 2 GW grouped into a MultiWAN GW.
May I ask if this MultiWAN act as something LACP for bandwidth increase or only as backup? What I did is create a new group and setup it as default GW. But I cannot see any "use rule" for such GW, e.g. active-standby or so.
-
@lucas-rey you'd have to add the gateway group to a firewall rule on lan. (Edit your default any any rule to test(
Chances are small a single client will see any speed improvement. Multiple clients might.
Some speedtest sites use multiple sessions that occasionally go over multiwan simultaneously -
@lucas-rey
pfSense doesn't load-balance on a gateway group. It's just a fail-over group.
So in case of high latency or packet losses it can switch over to the other gateway.What you can do to get benefit of higher throughput using both, is policy route either the upstream traffic of specific internal devices to one gateway and other devices to the other one, or route some ports to this one and the rest to the other one.
-
@viragomann said in Using MultiWAN from the same ISP:
pfSense doesn't load-balance on a gateway group.
Since when? It has always done load balancing as long as I can remember. That's what the tiers are for.
-
@heper
Oh yes. You're right. With multiple equal tiers it does. -
I can confirm that the bandwidth is now increased with the above config at least 50% more.
However my goal will be increase the wifi bandwidth due to multiple streaming devices at home (wife and sons use them :) )I'll use the lacp functionality of my orbi rbk853.
-
Hi guys, sorry, but something is wrong in my config, could you please help to understand?
I did some tests and if I setup the second GW (the one from pfSense 2) my clients are not able to surf internet anymore.
From pfSense 2 ssh I can ping dns e.g. 8.8.8.8 and resolve address without issue, so I don't understand why this happen.
My LAN rules are configured with default GW.I noticed that, because I seen that pfSense used only one GW when I setup MultiWAN as default GW even using different clients. That's normal I think, since the second GW doesn't allow to surf internet.
Any clue?
-
@lucas-rey
Did you state the gateway in the WAN2 interface settings?Check the outbound NAT, if pfSense added proper rules for WAN2.
-
@viragomann said in Using MultiWAN from the same ISP:
Did you state the gateway in the WAN2 interface settings?
DAMN! You're right, I forgot to add the GW
Now I'm able to surf internet also if I setup GW2.Anyway, the issue is still the same. Using 2 clients in my lan, the WAN2 is not used at all!!!
I understand the group GW cannot be used by 1 client to use aggregate speed, but I thought that using two or more clients in my lan I was able to use both GW and finally use my 2,5Gb fiber connection (at least 2Gb).
I don't understand why only one GW is used
-
@lucas-rey
As far as I know, pfSense uses both gateway in a round robin style to establish connection. So the first connection goes out on WAN1, second on WAN2, the third on WAN2...
It doesn't matter, which client is establishing it.To verify initiate some connections and check the state table: Diagnostics > States
