2 ip subnets with 2 providers
-
Hi all,
I have a location with 2 providers and 1 subnet /27 from each provider
it is possible to load balance the traffic through providers and in the same time every computer behind pfsense to be routed in internet with an ip address from routed subnets?
I do not want to buy subnets and as numberthanks
-
I have a location with 2 providers and 1 subnet /27 from each provider
Ok
it is possible to load balance the traffic through providers
Let pfSense acting as a firewall and doing load balancing would be your way.
- session based load balancing
- policy based load balancing
- service based load balancing
With weighting and ratios if both Internet connections are not at the same speed.
and in the same time every computer behind pfsense to be routed in internet with an ip address from routed subnets?
Why PCs should be routed to the Internet with their own static public IP address?
Are this Servers or PCs? Or are you acting as a ISP/WISP it selfs.Perhaps pfSense should then acting as a traffic shaper more then a load balancer.
I do not want to buy subnets and as number
Me too ???
-
computers have private ip class
sometimes ip`s are blocked by some sites used in activity and they cannot afford to block all computers -
computers have private ip class
sometimes ip`s are blocked by some sites used in activity and they cannot afford to block all computersNot clear to me. It doesn't explain (or I don't understand) why you would want to route public IP from your LAN.
-
you cannot/shouldn't/won't work.
assymetric routing is impossible when you don't control the entire setup: https://doc.pfsense.org/index.php/Asymmetric_Routing_and_Firewall_Rules -
@gabi
It would perhaps helping much more if you try out to draw a small network schematic for us. -
i do not have visio on this computer but i make something
all computers have private class 192.168.0.0/24
from both ISP I have a public ip and a subnet /27 routed through this ip
i want each computer to be seen in internet with a ip from /27 (1ip from ISP1 / 1ip from ISP 2)
also internet connections to be used in a round robin manner between ISP(have the same speed)I can set from NAT to force a computer to be routed with an ip from /27 but the second ISP will not allow of course to use ip from ISP 1 and viceversa
thanks
-
i want each computer to be seen in internet with a ip from /27 (1ip from ISP1 / 1ip from ISP 2)
also internet connections to be used in a round robin manner between ISP(have the same speed)Your drawing is pretty clear but I don't understand, unless you are hosting services, on each internal desktop, to be accessed from internet, why you would need to have each desktop seen with pubic IP.
- Load balancing is pretty straightforward defining gateway group.
Still source IP translation is questionable and at least not clear to me.
-
i want each computer to be seen in internet with a ip from /27 (1ip from ISP1 / 1ip from ISP 2)
This would be not able to do as I see it right, without using AS and BGP, and with using this
you will see even also only one PC with one IP! But this way you wont go as you explained above.also internet connections to be used in a round robin manner between ISP(have the same speed)
Load balancing between two or more ISPs would be running at a glance without problems and there are
three common and mostly used methods to do so and realize it well, and yes the policy based routing is
a so called round robin manner so please beware of using the real round robin method please!!!
This is only for CARP or cluster based pfSense firewalls that has a switch in the front of the WAN ports
and some modems connected to this switch also and then perhaps if two or more ports are building a
static LAG (not over LACP) and this will be used then as one WAN Port.I can set from NAT to force a computer to be routed with an ip from /27 but the second ISP will not allow of course to use ip from ISP 1 and viceversa
Yes for sure this is correct and there fore I was telling at some line above that is not able to realize with
load balancing, perhaps you will find a way to let the pfSense acting as a traffic shaper or something like this.