Design advice multi-wan



  • I'm going to setup a carp pair using vlans, along with multiwan across four cable modems (CM) (….  and yeah metro-e too expensive where I'm at :|).

    I will need to use an IPSEC VPN on CM3/4.  Will be different SA for each, but same far end.  I want to dedicate an entire cable modem, CM4, for backups to/from datacenter and CM3 will be normal lan traffic to/from datacenter.  I would like to use CM1/2 and arguably CM3 for mutliwan and "normal" http traffic.

    I currently make use of OpenDNS to do webfiltering, and am leaning to continue doing this, unless there is some real value to using squid in transparent mode?  It sounds like there is a lot of effort in getting squid working with multiwan unless I'm mistaken?

    PF1 and PF2 I only plan on having two nics in either and relying on VLANs.

    At some point in the future, but not necessarily right out of the gate, I'd like to do a captive portal via radius/ad for another lan vlan network intinerface the future.  Are they any concerns with adding matched VLAN interfaces to both pfsense boxes after the fact?


Locked