Is this doable? pppoe multiwan / multiple subnets

  • I would like your feedback if this is even possible… if not with pfsense ...

    To start with I have 16 users at the work location.

    Then I have 4 PPPoE accounts for internet access from the provider.

    What I want is to create 4 subnets, each allowing ONLY 4 (IPs) users, so I figured I'd use the /29 network bit.
    This should allow me enough IPs in the /29 network.

    Now, when a new user joins, he randomly pulls an IP from, let's say, 192.168.1.x/29 until that fills up; then the router should give IPs from the next subnet, 192.168.2.x/29, and so on.

    The most important part here that's required is that each subnet has to have its own PPPoE dialout client login and work on that with its own route and so on.
    So for
    192.168.1.x/29 we give pppoeDial1 and it has to use that.
    192.168.2.x/29 we give pppoeDial2 and it has to use that.
    And so on.

    We don't want a user from 192.168.2.x to be using the internet from 192.168.1.x.

    Is this workable?

  • Rebel Alliance

    IMHO you are overcomplicating your setup.

    I will go through a normal "Multi WAN single LAN" setup, this way all your LAN users can share the office resources.

    And I will use a combination of DHCP Reservations + 4 Aliases & "Policy Routing" to "Route" the traffic of each 4-user group to the desired WAN.

    Also, you can create "Fail Over" GW groups for each 4-user group; this way, if some of your modems fail, the users don't lose their internet.

    Just my 2 cents….

  • Actually, what I am asking for is necessary because the internet provider sets up these accounts (the PPPoE dialups) with limits … I can't allow more than 4 people per account and I have a total of 16+, so I figured 4 users per PPPoE dialup account.

    The question remains: is this workable via pfSense?

  • Netgate Administrator

    Yes, mostly.  ;)

    I would do just as ptt has suggested above. You won't be able to have a user 'randomly' acquire an IP. They will likely get the same IP every time.

    You could have one subnet with 16 addresses and then use firewall rules to divide that up into 4 groups and send each group to a specified PPPoE.

    Do you have 4 separate modems? 8 interfaces?


  • It's possible to achieve the desired end result, and should be done using only one subnet. Or if you have a need to separate the systems into their own broadcast domains, then put them on VLANs and each VLAN its own IP subnet. That's not what you want to do though, you want to magically use the next available IP, maybe even in a different subnet. That just isn't a good idea, and not something anything is going to support out of the box. There is no requirement for additional subnets, you just need to policy route based on IP. The DHCP server will hand out IPs exactly as described within a single subnet.
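
The single-subnet layout suggested in the replies above, modelled as an added example that is not part of any poster's reply and is not pfSense configuration. The pool 192.168.1.16-192.168.1.31 and the gateway names PPPOE1 to PPPOE4 are constructed for illustration; the code splits one DHCP pool into four-address source aliases, pins each alias to one PPPoE gateway, and returns no gateway for a source outside every alias.

```python
import ipaddress

def plan_groups(first, last, gateways, per_gateway=4):
    """Split one DHCP pool into consecutive groups, one group per gateway."""
    start = ipaddress.IPv4Address(first)
    end = ipaddress.IPv4Address(last)
    size = int(end) - int(start) + 1
    limit = per_gateway * len(gateways)
    if size > limit:
        # A 17th lease would push some account past its per-account cap.
        raise ValueError(f"pool has {size} addresses, accounts allow {limit}")
    plan = {}
    for i, gw in enumerate(gateways):
        lo = start + i * per_gateway
        if lo > end:
            break
        hi = min(lo + per_gateway - 1, end)
        # Fewest CIDR entries covering lo..hi, suitable for a source alias.
        plan[gw] = list(ipaddress.summarize_address_range(lo, hi))
    return plan

def gateway_for(plan, source_ip):
    """Gateway a source is policy-routed to; None means no rule matches."""
    addr = ipaddress.IPv4Address(source_ip)
    for gw, nets in plan.items():
        if any(addr in net for net in nets):
            return gw
    return None

def usable_clients(cidr):
    """Addresses left for clients after network, broadcast and router
    address (valid for prefixes of /30 and shorter)."""
    return ipaddress.ip_network(cidr).num_addresses - 3

# Hypothetical gateway names and a constructed, /30-aligned pool.
GATEWAYS = ["PPPOE1", "PPPOE2", "PPPOE3", "PPPOE4"]
PLAN = plan_groups("192.168.1.16", "192.168.1.31", GATEWAYS)

if __name__ == "__main__":
    for gw, nets in PLAN.items():
        print(gw, [str(n) for n in nets])
    print("192.168.1.21 ->", gateway_for(PLAN, "192.168.1.21"))
    print("192.168.1.40 ->", gateway_for(PLAN, "192.168.1.40"))
    print("client addresses in a /29:", usable_clients("192.168.1.0/29"))
```

Starting the pool on a multiple of four keeps each alias to a single /30; an unaligned pool such as .10 to .25 still works but needs two entries per alias.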

  • OK, that sounds like something I can work with; however, my 1st option was a MikroTik router and I am sooo struggling with it. It doesn't like having multiple gateways, or rather I am not figuring out how to do it.

    About having pfSense: it would be a bit tough 'cause I'd have to dedicate a full x86 machine to put at the location for this task.
    And since pfSense can't be ported to MikroTik hardware …