I'm at lost until i found pfsense… and need some guidance



  • I'm at lost until i read this post http://forum.pfsense.org/index.php/topic,23573.0.html

    a litle bit of my background
    I'm a cybercafe owner. finish my studies and learned computing the hard way for a long time now. my premise have about 30 computer. people come here for online gaming and web surfing (youtube-ing and faceBook-ing). the problem hit me until one day a kid said to me, "uncle… your internet suks....", and so what i've found out is that, web surfers makes online game lags. i have an adsl + wimax and total 3 internet connection here, and that did not fix the problem.

    after some intensive googleing, i've learned for the pass few days is that i can built a system and put a routing os and do multiple gateway routing or something. i'm not too sure what i said is correct or not soo. the link i put on top so far fit the description of my problem but, unlike the quake player... i may have 20 more of his kind in any given time.

    i've built a system with 3 network interface and 160Gig hdd in it. i had install ebox in it yesterday and dont know how to set it up for my network. google for "ebox online game setting" will turn up a lot of xbox. i'm somewhat lost now.

    i'm sure you guys can help. i'm gona format the ebox and install pfsense in it. (pfsense iso downloaded so fast compared to ebox and ebox have a lot of things that i don need anyway... too bad i wasted a lot of time downloading and installing it)

    can some one guide me on what to do... some basic steps and what not to miss out and what else i need to do...

    my network gateways located at 192.168.1.252, 192.168.1.253, 192.168.1.254.... do i really change them. and physically not all router are at the same spot. both of the adsl router is on my table and my switch is about 10 meters away and the wimax connects to it there.

    well.... its 5 in the morning now and i really need some rest...

    hope to hear form you guys soon...



  • What are the specs of the hardware you are using? To sum up your problem, it seems it is

    web surfers makes online game lags

    How do you know this is the problem?

    i have an adsl + wimax and total 3 internet connection here, and that did not fix the problem.

    Are you confident that your available bandwidth is the problem here? Your issues could range from hardware or provider bottle necks, or an correct setup (e.g. How are you directing clients to those 3 gateways?).

    Either way, having pfsense installed will help you find out where your bottle necks are.

    Installing pfsense - http://doc.pfsense.org/index.php/Installing_pfSense

    Multi WAN / Load Balancing - http://doc.pfsense.org/index.php/Multi_WAN_/_Load_Balancing

    Hope this helps!



  • What are the specs of the hardware you are using? To sum up your problem, it seems it is

    Are you confident that your available bandwidth is the problem here? Your issues could range from hardware or provider bottle necks, or an correct setup (e.g. How are you directing clients to those 3 gateways?

    well… all of the pc in my place are amd athlon 64 specs and 2gig Ram and some graphic card installed not much for a low end gaming pc. we use steady state to lock the pc c drive and games are copied to the d drive and have link on the desktop to run them.

    the routers that can be found here are Billion bipac 5112s, D-link DSL2640T(wifi suport), and a motorola wimax wich hooks outside that i don't know the model. basically 2 adsl and a wimax connections (all are T1 connections). and all of the pc connects to a 48 port 100base switch.

    both of the adsl are form the same isp.
    wimax are hosted by a different isp.

    wifi.... some time.. people do bring their laptop and play online game here.

    Heroes of newerth seems to be the one of the most popular game currently and we use that to test for latency in it pings. the game will have low ping in the around 160ms (best we get) even if we set all the pc to one adsl gateway for it (worst it get around 270ms). the test went bad if more than 5 pc run firefox and visits facebook to the same gateway. and it went worst if 3 of the test pc runs youtube...  spiks happens and shoots its ping rate around 700+ms to 1600ms. we did tested the wimax. but it started with 240ms with the first 4 pc. and we skip the test when we put half of the pc gateway to it and it turn out to get around 500ms no internet browsing (no facebook or youtube).

    comparing the connections. we found out that the wimax will stream youtubes faster than both of the adsls. its just have bad latency... but downloads better than both adsl...

    so the setting for the pc are... we preconfigured all pc. will use the wimax for web browsing and the gateway is set as default every time the pc restarts... if a kid came in and want to play online game. we told the kid to change gateway to ether one of the adsl links using a simple batch link on the desktop to do this. we did this because the wimax have bad latency but only best for web surfing and not all people comes here for online gamings.

    after the test... we did told the result to the most visited player.... and also told the some websurfing woun't kill the game connections.

    as we enter the real world... some people likes to multitasking and we have online players running facebook while gaming. just alt+tab to switching programs. if game latency gone bad around 600ms. they will change gateway to the other adsl and reconnect the game. and some gamers are happy about it. not much comments.

    but they seems to complain about lag spikes. worst for them is when the game became intense.. lag spikes falls to them, game responded badly for a few important seconds and they lost some match due to this(lol)... this happen to random pc while gaming but this isu must have at least one player run youtube and facebook on the same gateway...

    so... adding more connection did not fix my problem....

    i just finish reading the multi wan link you suggested. and its a bit confusing.. but i sum how know what its trying to tell me.

    but here's another problem. the mother board that i have can only support 2 more nic (2 pci slots). so i ended up with 3 network ports on it which includes one form the mobo. but i have 3 internet connection... no more left for lan or one of the net?

    how can i resolve this? (i cant just cancel any of the net as contract no ended)

    i found out that pfsense can do proxy server at the same time... i'm sure this will make most visited website like facebooks loads faster... does this include most visited youtube?

    i'm actually looking for a solution where... all online game will go trough one router. and the rest of the web surfing application can go use the load balance router(wifi) and wimax + proxy server applied.... 2 for the surfing if someone load newly visited youtube. load will be balance to the other line for smooth webbing...

    we also do p2p download... it goes of form the wimax gateway. we have a few anime fan and we pass downloaded anime freely provided people brought some portable drive tho... as the isp does not do traffic shape for p2p on wimax connections..... yet... (lol) i think this can be resolve by following the p2p part of the tutorial.

    oh... i just imagined another problem.... if some one brought his laptop using wifi here its going to go connect directy to the adsl... any work around to have it go through pfsense?

    _________> LAN
    |              |
    X          pfsense
    |          |  |    |
    |____Wifi  adsl  Wimax

    anyone have workarounds? does web proxy help often visited youtube?



  • ok, if i understand the problem correctly:

    hers one thing you should do: make pf the main router, so that it can not be bypassed in any way, to do this, you need to have the dsl modems in bridged mode, because pf can only do one dsl connection, you have to use the bridged with dhcp passthrough (the modem does the authentication, and then give control to pf, essentially its as if you have a cable modem in terms of authentication, the username/password is the cable modems mac address, this is also the way to go if you need/have to access your dsl modem), if you do this, the wifi function of the modem (technically gateway) will(should) be disabled. since they are now just modems, by connecting them to pf and then to the clients everything goes through pf.

    for wireless have an off the shelf router or access point and connect it to an interface of pf or use a wifi card, this way the wireless users cant bypass pf, would recommend doing the above as well.



  • ok… i didn't expect i did this... but the unorganized network plan in my side ended up me setting pfsense in such a way accidently.

    adsl
                         |
    LAN--------[ Switch ]–------adsl(+wifi)
                     |   |   |
                      \  |  /
                      pfsense

    setting for the both of the adsl are.... off the dhcp we dont need them.
    set the modem to auto connect to isp via its own pppe connection.

    then i brought one laptop and connect to the wife. and pfsense gave an ip address to it via dhcp.
    currently the ip for both of the modem are:
    adsl 192.168.2.254/24
    adsl(wifi) 192.168.3.254/24
    since i the box where i have 3 interface... all 3 of them goes to the switch
    interface lan static ip : 192.168.1.254/24
    interface wan static ip :192.168.2.1/24
    interface opt1 static ip : 192.168.3.1/24
    and they all works.

    than
    i was wondering if i need to put both of the adsl in the /32 subnet mask to eliminate extra connection to them but pfsense only.

    now problem is... i got one more problem. my hard ware got only 3 interface and i have 3 connection... how an i going to fit a wimax connection in this picture?

    the wimax does goes to the switch as well...

    anyone know what i can do? beside buying another mother board that have 3 pci slot? my current mobo only have 2 pci slot for nic...



  • Some options for getting more NICs on a system with small number of PCI slots:

    You can probably pick up a couple of reasonable quality 10/100 multi-port NICs on eBay. (These would have two or more ports per PCI slot). If you are looking for something "new", some possibilities include NICS described on http://www.soekris.com/lan16x1.htm and various Intel multiport NICs.

    You can use a VLAN capable switch to multiplex many switch ports onto a single LAN connection to a pfSense box.

    FreeBSD supports  some USB NICs.


Log in to reply