4. Assign multiple dynamic IP addresses to a single interface

Assign multiple dynamic IP addresses to a single interface

  • B

    Hi

    I have a provider that assigns me up to four public IP addresses which however have to be obtained by MAC based DHCP.
    Is it possible to assign multiple dynamic IP addresses to a single physical interface? e.g. using Virtual IP addresses?
    The additional IP addresses will for example be used for different SSL enabled web servers.

    So far I have only come across solutions with multiple static addresses.

    e.g.
    How to use multiple IP on a WAN interface?
    Multiple IPs on 1 WAN interface from different subnets

    Thanks
    Bardelot

    0
  • Rebel Alliance Developer Netgate

    That isn't easy to do, at least not to do in a way that isn't very ugly.

    Some people have plugged multiple interfaces into a switch on that kind of WAN and let each interface pull an IP, or they've tried to use VLANs in the same way, but that is all rather hackish.

    In order to use any of the virtual IP types on pfSense the IPs would need to be static.

    Another option would be to bridge an additional interface to WAN and let your web servers pull public IPs directly and then you can still firewall things how you want, but they have the IPs directly.

    0
  • F

    @jimp:

    Some people have plugged multiple interfaces into a switch on that kind of WAN and let each interface pull an IP, or they've tried to use VLANs in the same way, but that is all rather hackish.

    Another option would be to bridge an additional interface to WAN and let your web servers pull public IPs directly and then you can still firewall things how you want, but they have the IPs directly.

    Wouldn't all these methods run into the problem that each IP would have the same gateway and hence it would not work (under the assumption that most ISP which give the user the above mentioned possibility will have the IPs "close to each other" and assigned the same gateway)??

    Cheers!

    0
  • Rebel Alliance Developer Netgate

    Yes but due to the way the routing works out, everything actually ends up going back out the main interface, even if it enters one of the others… as I said, ugly, but there are people doing that (search the forum a bit, some should turn up)

    0
  • B

    Ok sadly it's what I had expected. I didn't think of the bridging solution though, so thanks for that one, I'll probably try that approach.

    Thanks
    Bardelot

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy