Multi WAN w/Wifi



  • Here is the architecture:  My RV, that sets in the driveway, has a it's own self contained wired network with NAS, media players & computers.  The goal is to have access to my house network, including Internet while I am parked at home.  When I drive away I want my network to have Internet through 4G on my phone.  I want the WiFi devices in the RV to have a single AP association to get to the Internet without switching between the RV AP and the phone.  Sometimes, I need to copy large amounts of data (40G) to the RV, so I want to have a wired 1G connection to the house network.  Most of the time I will use the WiFi N connection.

    My home network router/FW is also pfSense.  I  believe I can set 2 routes to the RV network to WAN & WAN3 IPs with different weights to get files to the RV.

    I want to use pfSense as my Firewall/Router in the RV.  I have a DN2800MT with 5 interfaces (2 wired  & 3 WiFi).

    WAN - WiFi N
    WAN2 - WiFi that connects to the iPhone WiFi hotspot
    WAN3 - On board 100/1000
    LAN - USB Linksys
    AP - Atheros

    Based on what I have read, I will group WAN & WAN2 for Multi WAN use.  The AP interface will be the Access Point for all devices in the RV.  LAN, well LAN.  The WAN3 interface will not be connected all the time, only when needed, also WAN & WAN3 are on the same network.

    Does this sound like the best way to design the solution?



  • OK, not winning.  A couple of questions:

    How do I setup the WANs that are connected to the same network for failover?

    Does the AP interface have to have an IP on a separate subnet and do firewalling/routing or can it just have an IP on the LAN and pass all traffic as a bridge (preferred)?



  • Hi there,

    Get the general idea, it sounds like quite a project. I've spent many hours trying to figure out solutions to similar situations on my own networks. After much searching I found pfsense and this video was the simplest way of setting up multi-wan (that actually works) - http://www.youtube.com/watch?v=n5COzizaMYQ

    When link goes down, pfsense should automatically failover to the other available connections. Presumably if wired connection is available then you want to use this in preference to wireless connection. So I would suggest putting the wired WAN in a higher tier, and the Wifi in a lower tier (see video). Having said this same tier might work just as well for you. You'll have to set it up and play with it.

    I've managed to get pfsense working on virtualbox win7 (there's a tutorial online), which might help if you come up against hardware that pfsense won't play with. There are advantages and disadvantages of using VM, with hardware that isn't that high spec or server gear (such as DN2800MT), VM may be your only choice, pfsense tends to be fussy about hardware, wifi and usb especially, you have been warned! This is tutorial for pfsense on virtualbox - http://timita.org/wordpress/2011/07/29/protect-your-windows-laptop-with-pfsense-and-virtualbox-part-1-preamble/

    I chose Virtualbox over Vmware as it seemed simpler, it's actually free and takes up less space on my disk.

    For motherboard it's useful to check whether it will automatically start up if it loses power, most server or IPC equipment has a setting in bios for this. Means if you lose power to the "firewall", and then power comes back on you don't have to manually press the "on" button. Having said that if you don't mind switching it on then you can save quite a few bucks.

    I tried the Intel Mini Itx Atom d525, didn't really like it wouldn't boot, so sent back. In the end I ended up with a Jetway, which was eventually replaced with a Draytek. Money as no object, I'd problably buy a new Supermicro Mini Itx with i7 embedded CPU quad gbe, but they are around 1000$ if you can source one :) That said you can probably get the Intel DN2800MT working with pfsense, and Atom boards work OK from my experience with the Jetway.

    Having two WANS connected to same network can cause some very very minor "glitches" but I didn't find it was a showstopper or any kind of real problem.

    Overall the best thing I can suggest is plan it out as best you can from your own experience, then set it up. You can change things as you go along, and learn what works and doesn't work. Better to ask a specific question here than a general post containing lots of questions, as many people not have that much time …

    Anyway, Hope this helps good luck

    Kind regards



  • PS good idea to look at specific/dedicated hardware solutions too. I looked at Mikrotik Routerboard, you can get some amazing hardware for not very much money. However my testing of multi-wan on my PC didn't go well and I found it was complicated to use mikrotik Routeros, so I gave up on it … advantage of Routerboard is price and things like that it will run off a bog standard PSU 10-24v if I remember. They do cases to fit their stuff so would be compact also.

    Cheers


Log in to reply