Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Help configuring 4 interfaces :(

    General pfSense Questions
    4
    7
    2206
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      acoustiq
      last edited by

      Hi guys,

      I'm trying to set up my pfSense 1.2.3 HDD, and I think I've messed up everything, so I'm starting from scratch :D Here's what I want to do:

      I have a machine with 2 x HP nc7170 adapters, so I have 4 Gbps ports available [properly detected as em0 to em3].

      WAN [em2] - PPPoE 100Mbit down / 50 Mbit up - that works fine
      LAN [em0] - usual LAN setup, nothing special

      WAN2 [em3] - DHCP cable that needs to be load balanced with the first WAN [24Mbit down / 8Mbit up] - this is where the web server needs to get out to the internet
      LAN2 [em1] - to be treated as LAN, will be connected to a router I'm using as AP or for any temporary connections I might need

      Now, I need to make LAN2 to work the same as LAN [same subnet, full traffic between them, same DHCP pool if possible] - this is the most urgent part.
      I also need to load balance the two WANs. I also have a local web server bound to the WAN2 IP, so if anyone can give me an example on how to do NAT properly on the load balanced links on WAN2, it would help a lot.

      I have a feeling something in my little messy environment will require an upgrade to 2.0RC - is there any particular build that's less buggy and more stable than the rest? I need to get this machine up and running with as little maintenance as possible. Release 1.2.3 worked just great for me, but it might be time to move on…

      I've tried searching, but nothing that I found could help me with the LAN2 - I just can't get it to work the same as LAN.

      So, if anyone could give me a hand, it would be very much appreciated :D Thanks in advance for any help/hint!

      1 Reply Last reply Reply Quote 0
      • Cry HavokC
        Cry Havok
        last edited by

        You could bridge the 2 interfaces, but unless they're physically separate networks there isn't any point.

        1 Reply Last reply Reply Quote 0
        • W
          wallabybob
          last edited by

          To elaborate on Cry Havok's suggestion: bridge LAN2 and LAN and add firewall rules to LAN2 to allow DHCP traffic. There are a number of forum posts giving suitable rules.

          A number of people have reported that configuring WAN load balancing in pfSense 2.0 is "challenging" so you might be better off staying with 1.2.3 unless you are feeling brave.

          1 Reply Last reply Reply Quote 0
          • A
            acoustiq
            last edited by

            Ok, thanks for the hints, I have the first part fixed, although it seems a bit weird. I ran with this link. In order to get everything working, I did this for LAN2, as it is bridged to LAN.

            UDP * 67 - 68 * 67 - 68 *   DHCP passthrough

                      • Allow LAN access

            Looks kinda' dumb to me, but only this works [for me, at least]. Apparently, NAT reflection is a bit sensitive to bridges because, in order to get it working again, I had to disable it, restart and enable it again. Now everything works perfectly.

            On to the load balancing. I have one high speed [cheap] link with dynamic IP over PPPoE that should be used for all usual traffic [browsing, torrents, whatever].
            The second link is slower, but very reliable. I need to use this for web services [web, mail, ftp, shoutcast, etc].

            How would you recommend I do this? The reason I want to do load balancing is that, in case WAN drops, the users will go out on WAN2 temporarily.

            1 Reply Last reply Reply Quote 0
            • A
              acoustiq
              last edited by

              Finally fixed the WAN load balancing, too. I went with this and tweaked it a bit. Now all the necessary connections go in/out the right link.

              One last thing: I keep a hostname only for the PPPoE link [WAN]. The easiest way to update the service at freedns.afraid.org is to access a direct URL.

              Is there any way I can update the DNS from pfSense? Maybe some creative cron and local script usage?

              Thanks a lot for all the help so far ;)

              1 Reply Last reply Reply Quote 0
              • S
                SeventhSon
                last edited by

                @acoustiq:

                The easiest way to update the service at freedns.afraid.org is to access a direct URL.

                Is there any way I can update the DNS from pfSense? Maybe some creative cron and local script usage?

                from http://freedns.afraid.org/dynamic/ (login)

                wget -q –read-timeout=0.0 --waitretry=5 --tries=400 --background http://freedns.afraid.org/dynamic/update.php?yourcode

                Put that in cron and make it run every hour/day/whatever.

                1 Reply Last reply Reply Quote 0
                • A
                  acoustiq
                  last edited by

                  Hmmm… That doesn't seem to work. I've tried both adding it to cron from the shell and I've also tried the Cron package. No dice.

                  I finally got it working using this hint: http://forum.pfsense.org/index.php/topic,16767.msg91804.html#msg91804

                  There's just one thing - the string ends with == and you should not enter that. Just use the string between ? and ==

                  Guys, thanks a lot for all the help, now my machine does everything I need it to do :)

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post