Best setup for 4xMultiwan
-
I want to build a pfSense router/firewall to pool our 4x32mbit wan we have here.
I tried with OpenWRT and some consumer router but they are way to slow to handle it (+ multi wan is not working properly).
So what I need are 5 network interfaces which I find kinda hard to find. I could buy a very expensive intel card but thats to expensive for me.
What I am looking for is a board with 2 onboard interfaces + 3 pci or 1 onboard and 4 pci.
I guess I can't build a shuttle then (to much pci).
Have you any hardware recommendations (CPU, Board, Ethernet). I think I need a powerful machine didn't I?
-
Okay I was thinking about this card:
http://ark.intel.com/products/49186/Intel-Ethernet-Server-Adapter-I340-T4I am not sure it it is supported by pfSese 2.1 (FreeBSD 8.3) since the product page states FreeBSD9. The 8.3 release notes:
http://www.freebsd.org/releases/8.3R/hardware.html#ETHERNETsay:
The igb(4) driver supports Gigabit Ethernet adapters based on the Intel 82575 and 82576 controller chips:Intel Gigabit ET Dual Port Server Adapter (82576)
Intel Gigabit VT Quad Port Server Adapter (82575)
Don't know where to find the chipset name of this card.
What is about new processors (new AMD fusion)? Are they supported?
-
The I340 (and the I350) are supported under 2.1.
Before you start buying hardware though, can you describe exactly what you mean by "pool"? If you're expecting pfSense to magically bind those connections together and give you 128Mbit/s of throughput you'll be disappointed.
-
Describe precisely what you need so wen can help.
-
What I want to do is a load balancing. I have 4 wans with DS-Light on each. So I need 5 interfaces or 5 vlans. 4 for the wan and one for the lan.
Problem is the provider does not hand out modems, just consumer router. I split my thoughts of the configuration into the two protocols because I want both to work:
IPv4:
The only thing I can configure is the IP of the router in a static subnet (cannot change it): 192.168.0.xxx. The router then does nat and optionally DHCP to the 192.168.0.xxx network. So the pfSense would be directly behind the the consumer router and all it's wan interface Ips (one interface per consumer router) are on the same subnet (hope that is not a problem).I then configure 10.0.xxx.xxx subnet on the pfSense lan interface and pfSense does it's own NAT to provide load balancing. It does have to do NAT anyways because I can't set a route to the 10.0.xxx.xxx network on the consumer router (no settings on this thing).
So IPv4 should work I guess.
IPv6:
IPv6 could be problematic because the delegated prefix is not static. It works this way:
The consumer router does DHCP-PrefixDelegation to get the /56 prefix from the ISP. Then he provides stateless auto configuration on it's lan interface. He provides it's lan clients with a /64 prefix of the delegated /56 prefix. The prefix does not change often (on router restart I guess) but It can change (there is a button for this in the web interface, too).As far as I seen pfSense can't just use a dynamic prefix. OpenWRT can do this: You just say: "Hey take the prefix from this interface and provide auto configuration using this prefix to another interface."
Or is such a thing possible?
I hope this is prices enough.
-
I'm not familiar with multi-wan setups, but in regards to your multi-nic issue.. I would just get a decent gigabit switch that supports vlan tagging, and then you have as many nics as your switch has. That way your pfsense box only needs to have 2 nics.
Don't go cheap on the switch however, a lot of switches crap out when more than 1 port sees high traffic.
-
Any recommendations? I have no idea which is a good and compatible switch.
-
Cheap and stable - http://www.tp-link.com/en/products/details/?categoryid=222&model=TL-SG3210
-
Yup, this is the one I'm running right now. Took a little adjusting to its vlan interface, but has been pretty sturdy for me.
Cheap and stable - http://www.tp-link.com/en/products/details/?categoryid=222&model=TL-SG3210
-
Netgear GS108T-200 will be a good choice as well. Cheap and sturdy.
http://www.netgear.com/business/products/switches/smart-switches/smart-switches/GS108T-200.aspx
-
Netgear GS108T-200 will be a good choice as well. Cheap and sturdy.
http://www.netgear.com/business/products/switches/smart-switches/smart-switches/GS108T-200.aspx
I've got a bunch of these at my house. I use a GS110TP to power them all over Ethernet.
-
What about this card:
http://ark.intel.com/products/50481/Intel-PRO1000-GT-Quad-Port-Server-AdapterIs this card any good (Intel-PRO1000-GT-Quad-Port)? Does it have 4 individual interfaces or just bridged?
-
That card is 4 seperate interfaces and will be supported by pfsense.
BUT, it's a pci-x. Does your board support that? If you only have pci slots will that be sufficient bandwidth? Will it fit at all (5V and/or 3.3V cutouts)?Steve
-
Hmm no I want PCI-E. I think I will go for the I340-T4.
I am thinking about buying a used Dell Optiplex 3010 (i3 ivy bridge cpu). Very stylish and slim. + it has a x16 PCI-E. Since the I340-T4 is low profile (it can be both) it should be working.
The only thing that bothers me is that the description of the dell homepage says it's a Realtek onboard NIC (it does not say which model exactly). Since I need to use all interfaces I have to ask: How bad are these Realteak cards (I read many bad things about them here) and are they generally supported by pfSense?
-
The more recent Gigabit realtek nics aren't that bad. Many people are using them with no issues especially if you're trying to push the maximum speed through them. Much of the bad rep realtek NICs have is due to the older 10/100 cards which really were bad.
Steve
-
I found an older and cheaper Optiplex 760 on ebay (core2). Dell spec sheet says Intel WG82567LM is the ethernet onboard nic. Is this card supported and any good (better than realtek)?
-
The 82567lm is not listed directly anywhere because (I assume) it's the phy used with the NIC included in the Intel ich chip. I would say it's almost certainly supported and will be better than a realtek NIC.
Steve
-
Hooray got a i340-t4 low profile for 100€ on ebay.
Also got the Ivy Bridge Optiplex with the realtek card. Decided to pay the extra money because the i3 performs almost twice at fast (checked benchmarks) as the core2 with lower power consumption.
I will use the realtek as one of my multi wan interfaces. So there will not be much traffic on it.
I think with this beast I can handle 4x32mbit multi wan (full speed when downloading with multiple connections).
-
I think with this beast I can handle 4x32mbit multi wan (full speed when downloading with multiple connections).
Without breaking a sweat I would think. ;)
Steve
