Multi WAN, Mulit LAN & Multi Subnet with bandwidth control??



  • Hi all,

    Not sure if the title is accurate for my situation, sorry for that. I have been a long time BASIC user of PFsense, love the platform. Kudo's to the developers.

    Let me first tell you what infrastructure I have and then I will go into what I want to achieve.

    I currently have 1 x Atom UNO micro ITX platform with 4gig SSD drive, 1gig RAM and 4 gigabit NIC's. Nice, tidy unit. I have 2 100mb/40mb fibre connections, 1 for me and 1 for my business. These are not shared, bonded or setup to failover etc. Currently only 1 fibre connection is used through the PFsense box. Both connections have a static IP with a routed /29 from the ISP (not in the same subnet as the wan). I have a small personal server I want to run off my connection and the business has a larger server to run off it's connection. Both servers are Xenserver Hypervisors with multiple VM's.

    What I am trying to achieve, if possible, is for both connections to be handled by the PFsense box with each servers VM's being able to make use of the public IP's from each of the respective ISP's allocated /29.

    Here is a diagram of what I want to achieve:

    WAN1 –-----211.161.XXX.XXX ----------- P --------em0 (Private LAN) -------Switch to private home network using NAT
                                                                  F             
                                                                  s --------em1 (Private Server) ------- 211.160.XXX.XXX/29 ------Xenserver Hypervisor/VM's
                                                                  e                                                           
    WAN2 -------202.145.XXX.XXX ----------- n --------em2 (Business Server) ----- 202.130.XXX.XXX/29 ----- Xenserver Hypervisor/VM's   
                                                                  s
                                                                  e --------em3 (spare)

    Hopefully that makes sense. The key thing here is em1 and em2 do not have any 1:1 NAT or transparent firewalling etc. Basically a straight through connection, I will look after security with IPtables. Having said that, there must be no security risk to each other or my private network.

    Accessing both the em1 and em2 from em0 would be nice but not crucial as I will be able to access them through the WAN.

    Now, I would also like to prioritize bandwidth from em1 over em0, em2 has it's own connection so this is not an issue. em3 is spare but may be used for a third server on a 3rd WAN should my business be successful in a current deal.

    I guess the first question is can this be done with PFsense? The second is how?

    Over to you, the experts.  ;D



  • Hello! I am trying to basically achive the same thing. I would like one pf sense box to handle multiple WANs and LANs separately.

    Bump!


Log in to reply