Netgate Discussion Forum

    Dynamically bind traffic to specific interface, Dual WAN, 1 lan

      diablo266

      Hello everyone, here is my setup: 1 LAN, 2 WAN. I want to use WAN1 for all everyday traffic in and out, and I want to use WAN2 (OPT1) for specific incoming/outgoing FTP (PASV) and torrent traffic. However, I don't necessarily want all LAN FTP client traffic going out on OPT1, only specific traffic triggered by the initial connection port. If it wasn't for PASV mode using multiple ports I wouldn't have a problem, but because of that, and also the fact that torrent traffic also uses multiple undefined ports, I am unsure of how to do this short of setting up a proxy. Unfortunately, none of the proxy servers I have found are capable of binding to a specific interface, and since my WAN IPs are dynamic none of them will work. Thanks for any help, and I'm sorry if my description is a little hard to follow.

        sai

        Policy based routing. If the packet comes from xx.xx.xx.xx then send it out THIS gateway.

        Implemented on pfSense using PASS firewall rules and specifying the gateway on them.

          diablo266

          Thank you for the reply. I figured out how to get it working using static IP addresses, but how do I set it up to work with DNS for dynamic IPs? Or, if that isn't possible, can I do an IP range? I tried but it said invalid. Thanks!

          Oh, also, is there any way to route torrent traffic through the OPT1 interface as well? And if so, do I have to use a client that limits itself to one port? If not, how do I account for the random port range it will be using? Is the software smart enough to route torrent traffic independent of port?

            sai

            @diablo266:

            Oh, also, is there any way to route torrent traffic through the OPT1 interface as well? And if so, do I have to use a client that limits itself to one port? If not, how do I account for the random port range it will be using? Is the software smart enough to route torrent traffic independent of port?

            You have to use specific ports.

            I don't understand what you mean when you ask about DNS/dynamic IPs.

              Pootle

              @diablo266:

              But how do I set it up to work with DNS for dynamic IPs?

              If it is always the same machine, it will likely always have the same address; you can extend the lease time. Or you can pre-register the MAC address to fix the IP address.

              @diablo266:

              Oh, also, is there any way to route torrent traffic through the OPT1 interface as well? And if so, do I have to use a client that limits itself to one port? If not, how do I account for the random port range it will be using? Is the software smart enough to route torrent traffic independent of port?

              Torrent is hard. I run torrent on 1 machine that is locked into one WAN.
              http://doc.pfsense.org/index.php/Multi-Wan/Load-Balancing#Supporting_bittorrents

              • You could run it in a VM if you don't want to lock the whole machine, or you could multi-home the machine and direct all the traffic through a special address if you can set it up in your operating system.

                dakiller

                I have a very similar setup: I have a cable connection (WAN) for everyday web browsing and the like, and a DSL (OPT1) for torrents and other large downloads.

                By default everything goes through OPT1, and then I selectively pick the stuff that should go through WAN: everything outgoing destined for port 80 (HTTP), 443 (HTTPS), or 1863 (MSN) goes through the WAN link. Furthermore, I route any large downloads via HTTP through the OPT1 link by their destination IP address.

                So basically, with torrents and their broad range of ports, I just assume that anything not specifically defined as something else is torrent traffic. More rules can be added to define other traffic like email, games, etc., but that comes down to your own needs.

                I got a rules table that looks like this:

                Proto    Source   Port  Destination    Port         Gateway
                TCP      Lan net  *     68.142.79.231  *            OPT1
                TCP      Lan net  *     68.142.79.239  *            OPT1
                TCP/UDP  Lan net  *     *              80 (HTTP)    WAN
                TCP/UDP  Lan net  *     *              443 (HTTPS)  WAN
                TCP/UDP  Lan net  *     *              MSN          WAN
                *        Lan net  *     *              *            OPT1
                
                
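The rule table from the post above, evaluated the way pfSense processes interface rules (top to bottom, first match decides the gateway). This is an added example and not part of the thread; the LAN subnet 192.168.1.0/24, the sample flows, and the names `Rule` and `gateway_for` are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Assumption: "Lan net" is 192.168.1.0/24 (the thread does not give the subnet).
LAN_NET = ipaddress.ip_network("192.168.1.0/24")

@dataclass(frozen=True)
class Rule:
    protos: frozenset            # empty set means any protocol
    dst: str                     # "*" or a destination IP/CIDR
    dst_port: Optional[int]      # None means any destination port
    gateway: str

    def matches(self, proto, src, dst, dst_port):
        if self.protos and proto not in self.protos:
            return False
        if ipaddress.ip_address(src) not in LAN_NET:
            return False
        if self.dst != "*" and ipaddress.ip_address(dst) not in ipaddress.ip_network(self.dst):
            return False
        return self.dst_port is None or self.dst_port == dst_port

TCP, TCP_UDP, ANY = frozenset({"tcp"}), frozenset({"tcp", "udp"}), frozenset()

# The table from the post, top to bottom. MSN is port 1863, as stated in the post.
RULES = [
    Rule(TCP, "68.142.79.231", None, "OPT1"),
    Rule(TCP, "68.142.79.239", None, "OPT1"),
    Rule(TCP_UDP, "*", 80, "WAN"),
    Rule(TCP_UDP, "*", 443, "WAN"),
    Rule(TCP_UDP, "*", 1863, "WAN"),
    Rule(ANY, "*", None, "OPT1"),
]

def gateway_for(proto, src, dst, dst_port, rules=RULES):
    """Gateway of the first rule that matches; None if nothing matches (blocked)."""
    for rule in rules:
        if rule.matches(proto, src, dst, dst_port):
            return rule.gateway
    return None

if __name__ == "__main__":
    # Constructed sample flows (documentation addresses, not from the thread).
    for flow in [("tcp", "192.168.1.10", "203.0.113.5", 443),
                 ("tcp", "192.168.1.10", "68.142.79.231", 80),
                 ("udp", "192.168.1.10", "198.51.100.7", 51413),
                 ("udp", "192.168.1.10", "198.51.100.53", 53)]:
        print(flow, "->", gateway_for(*flow))
```

The two destination-IP rules only win for port 80 traffic because they sit above the port 80 rule; moved below it, those downloads would leave via WAN. The final catch-all also sends everything unclassified, such as DNS queries to an external resolver, out OPT1.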

                  diablo266

                  Thanks for the help, guys. I ended up just running Win2k in VMware and routing all its traffic through OPT1 for torrents.

                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.