Startup Script to Create Virtual Interfaces for ATT Uverse Setup

  • I recently had ATT UVerse installed and have a block of 5 usable static ip addresses.  To set the backdrop, the ATT Uverse modem/router (RG) cannot in any shape or form be placed into bridge mode.  Furthermore, the only way to assign a static ip address to a machine/interface is by the Uverse RG handing them out through DHCP.  In other words, to get my 5 static ip addresses, I have to have what appears to be 5 distinct network cards attached to the Uverse RG.  There is no way to have the RG pass all the static ips to a single MAC address.  It wants to see 5 distinct MAC addresses and wants them to be connected via DHCP.  Before anyone asks, this is the way it is and there is no other way around it at the current time.

    Anyway, having used pfSense in the past, I figured there would be some way to accomplish this through pfSense.  Although I have used it before for dual WAN routing, I really only ever dabbled in pfSense.  I have installed yesterday's 2.0 beta 4 build and configured the LAN and WAN interfaces without any problems.  After much searching, I found a way to create an additional 4 virtual interfaces (with distinct MAC addresses) on the WAN interface using netgraph.  These 4 virtual interfaces are assigned through pfSense to 4 OPT interfaces for usage.  I have actually implemented and tested the entire setup and it works quite nicely.  I have the RG handing out all 5 static ip addresses to the pfSense box and can see the traffic getting to the pfSense box just fine.  I placed the script which creates the virtual interfaces into /usr/local/etc/rc.d.  The problem with this is that it is not run until well into the pfSense load.  When I reboot the pfSense box, it comes up and sees an interface configuration mismatch (as the virtual interfaces do not exist yet) and requires me to do the interface configuration all over again.  Needless to say, this is not a maintainable configuration.

    What I need is a way to get the virtual interfaces created prior to pfSense detecting the interfaces to avoid the mismatch.  Is there any way to have this script be run earlier in the process so this can happen?  I know the pfSense config.xml has <shellcmd> and <earlyshellcmd> tags and wasn't sure if one of them could be used.  Can these tags be used to run an actual script (.sh) file or would I have to implement every line of the script into individual tags?

    Any help with this would be appreciated.


  • Rebel Alliance Developer Netgate

    You don't even need to do that. They can be done static, just use a CARP VIP hardcoded to each of your usable IPs. A CARP VIP will have a unique MAC address and make the R2 happy.

    It may all just work with the CARP VIPs, though you may need to send some traffic sourced from the CARP VIP before the R2 will see it on its IP Allocation page. Easy enough to do from Diagnostics > Command:

    ping -c1 -S <carp vip>
