Help configuring 4 interfaces :(



  • Hi guys,

    I'm trying to set up my pfSense 1.2.3 HDD, and I think I've messed up everything, so I'm starting from scratch :D Here's what I want to do:

    I have a machine with 2 x HP nc7170 adapters, so I have 4 Gbps ports available [properly detected as em0 to em3].

    WAN [em2] - PPPoE 100Mbit down / 50 Mbit up - that works fine
    LAN [em0] - usual LAN setup, nothing special

    WAN2 [em3] - DHCP cable that needs to be load balanced with the first WAN [24Mbit down / 8Mbit up] - this is where the web server needs to get out to the internet
    LAN2 [em1] - to be treated as LAN, will be connected to a router I'm using as AP or for any temporary connections I might need

    Now, I need to make LAN2 to work the same as LAN [same subnet, full traffic between them, same DHCP pool if possible] - this is the most urgent part.
    I also need to load balance the two WANs. I also have a local web server bound to the WAN2 IP, so if anyone can give me an example on how to do NAT properly on the load balanced links on WAN2, it would help a lot.

    I have a feeling something in my little messy environment will require an upgrade to 2.0RC - is there any particular build that's less buggy and more stable than the rest? I need to get this machine up and running with as little maintenance as possible. Release 1.2.3 worked just great for me, but it might be time to move on…

    I've tried searching, but nothing that I found could help me with the LAN2 - I just can't get it to work the same as LAN.

    So, if anyone could give me a hand, it would be very much appreciated :D Thanks in advance for any help/hint!



  • You could bridge the 2 interfaces, but unless they're physically separate networks there isn't any point.



  • To elaborate on Cry Havok's suggestion: bridge LAN2 and LAN and add firewall rules to LAN2 to allow DHCP traffic. There are a number of forum posts giving suitable rules.

    A number of people have reported that configuring WAN load balancing in pfSense 2.0 is "challenging" so you might be better off staying with 1.2.3 unless you are feeling brave.



  • Ok, thanks for the hints, I have the first part fixed, although it seems a bit weird. I ran with this link. In order to get everything working, I did this for LAN2, as it is bridged to LAN.

    UDP * 67 - 68 * 67 - 68 *   DHCP passthrough

              • Allow LAN access

    Looks kinda' dumb to me, but only this works [for me, at least]. Apparently, NAT reflection is a bit sensitive to bridges because, in order to get it working again, I had to disable it, restart and enable it again. Now everything works perfectly.

    On to the load balancing. I have one high speed [cheap] link with dynamic IP over PPPoE that should be used for all usual traffic [browsing, torrents, whatever].
    The second link is slower, but very reliable. I need to use this for web services [web, mail, ftp, shoutcast, etc].

    How would you recommend I do this? The reason I want to do load balancing is that, in case WAN drops, the users will go out on WAN2 temporarily.



  • Finally fixed the WAN load balancing, too. I went with this and tweaked it a bit. Now all the necessary connections go in/out the right link.

    One last thing: I keep a hostname only for the PPPoE link [WAN]. The easiest way to update the service at freedns.afraid.org is to access a direct URL.

    Is there any way I can update the DNS from pfSense? Maybe some creative cron and local script usage?

    Thanks a lot for all the help so far ;)



  • @acoustiq:

    The easiest way to update the service at freedns.afraid.org is to access a direct URL.

    Is there any way I can update the DNS from pfSense? Maybe some creative cron and local script usage?

    from http://freedns.afraid.org/dynamic/ (login)

    wget -q --read-timeout=0.0 --waitretry=5 --tries=400 --background http://freedns.afraid.org/dynamic/update.php?yourcode

    Put that in cron and make it run every hour/day/whatever.



  • Hmmm… That doesn't seem to work. I've tried both adding it to cron from the shell and I've also tried the Cron package. No dice.

    I finally got it working using this hint: http://forum.pfsense.org/index.php/topic,16767.msg91804.html#msg91804

    There's just one thing - the string ends with == and you should not enter that. Just use the string between ? and ==

    Guys, thanks a lot for all the help, now my machine does everything I need it to do :)

