1 LAN, 2 WANs (Same ISP) - No load balancing required… is this possible?



  • Hello people,

    Having spent a few hours researching this, most people seem to be using different ISPs, and load balancing.  This is not what I require - here's the scenario:

    4 Housemates living in the same house, so 4 computers.  We need two of those computers to use one WAN connection, whilst the other two use the other WAN connection.

    For example, 192.168.1.1 and 192.168.1.2 use the WAN with IP 84.24.56.12 (for example) for ALL incoming and outgoing connections, whilst 192.168.2.1 and 192.168.2.2 use the WAN with IP 84.24.56.13 for all of their Internet-bound connections.

    Load balancing etc is not to be used, since each connection needs to be totally independent of the other.

    Both WAN connections will be from the SAME ISP (VirginMedia, UK).

    I have been using pfSense for a long time with just the one WAN, using traffic shaping etc.

    Any thoughts?

    Cheers,
    Dave



  • I do have some problems with a similar setup, but it should work
    but you could do this http://pfsense.hotserv.dk/DualWan.html as a test
    Traffic shaping doesn't work with dual setup atm, but a bounty is started so donate :)



  • Hmm, not too sure what to make of that - looks like you're using two LANs?

    Also, you mention problems? o.O

    Dave



  • re: problems, there seem to be some situations with two WANs on the same ISP, when both WANs lie in the same broadcast domain, where random failures occur. This is typical with cable providers, but not common with other providers. I haven't had a chance to really look into it yet, it may not be a rare issue.



  • Copy the default LAN rule 3 times.
    Now edit the 4 rules.
    Put in as source the 4 IPs of the users and set the gateway to the gateway you want that user to use.
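
The per-user gateway rules described in the post above, sketched as a raw pf ruleset (an added example, not part of the original thread and not the configuration pfSense generates). The interface names and gateway addresses are placeholder assumptions; the LAN addresses are the example ones from the first post.

```pf
# Added illustration in FreeBSD pf.conf syntax.
# Interface names and gateway addresses below are placeholders (assumptions).
lan_if  = "em0"
wan1_if = "em1"             # first cable connection (WAN)
wan2_if = "em2"             # second cable connection (OPT1)
wan1_gw = "192.0.2.1"       # placeholder for the WAN gateway
wan2_gw = "198.51.100.1"    # placeholder for the OPT1 gateway

# Example LAN hosts from the first post, grouped by the WAN they must use.
table <wan1_users> const { 192.168.1.1, 192.168.1.2 }
table <wan2_users> const { 192.168.2.1, 192.168.2.2 }

# Translation: each group is NATed only on its own WAN interface.
nat on $wan1_if inet from <wan1_users> to any -> ($wan1_if)
nat on $wan2_if inet from <wan2_users> to any -> ($wan2_if)

# Filtering: no catch-all "LAN to any" rule is left, so a host that is
# not in either table gets no Internet path at all.
block in log on $lan_if inet all

# Traffic addressed to the firewall itself (DNS, DHCP, web GUI) is not
# policy-routed.
pass in quick on $lan_if inet from any to ($lan_if) keep state

# One rule per group: the source decides the gateway. route-to pins the
# whole connection, via its state entry, to that interface and gateway.
pass in quick on $lan_if route-to ($wan1_if $wan1_gw) inet \
    from <wan1_users> to any keep state
pass in quick on $lan_if route-to ($wan2_if $wan2_gw) inet \
    from <wan2_users> to any keep state
```

With the default allow rule gone, a new or renumbered machine fails closed instead of silently using the other pair's connection, and the `block ... log` line records those attempts.
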



  • Why is there a need for two distinct connections? Is this because of different online habits? (torrent addicts against gaming addicts?)

    If that is the case you can just do policy based routing, one port for gaming and another port for everything else.



  • Aside from any problems core to the ISP thing, as cmb said, this should be quite straightforward.



  • @tempura:

    Why is there a need for two distinct connections? Is this because of different online habits? (torrent addicts against gaming addicts?)

    Yup - I can't hack my housemate's tantrums because of latency in the game which is consuming his social life (WoW) (sigh).  And since packet scheduling doesn't seem to resolve the problems, I think we're going to go for two cable connections.

    Will I need outgoing NAT rules here?  Sorry for the n00b questions, I just want to make sure this is going to be possible without running two totally separate LANs…  Good to see that this should be possible, I just need to check before I enter into a 12 month contract heh.

    So the problems you're all talking about, could these be a deal-breaker?

    Cheers all,

    Dave



  • We had this problem before. People who love to play online who get pissed at people who love to torrent and youtube.

    What you do is get two DSL connections, have one as WAN. Then connect the other DSL as OPT. You then make rules to tell pfsense to forward the WoW packets to the OPT interface. Everything else including torrents, youtube, and whatever that kills your "ping" in game, gets to be forwarded to the WAN interface by default.

    There is a PDF file at the pfsense website tutorials section, something about policy based routing. It should explain everything.



  • Thanks - out of interest though, why does packet scheduling not negate this the way I'd expect?

    Dave



  • @UBBERdave:

    Thanks - out of interest though, why does packet scheduling not negate this the way I'd expect?

    Dave

    I have no idea. But my guess is, the packet shaper of pfsense is a whole lot better than that of monowall; however, the packet shaper of monowall is a whole lot easier to configure and use. pfsense is a lot more powerful, but kinda complicated for first time users of packet scheduling. AFAIK, only monowall can share bandwidth evenly on a LAN.

