Multiple dynamic WAN IPs from one physical interface

bindi · Oct 9, 2015, 9:48 AM

Greetings,

I am currently running pfSense on Hyper-V for testing purposes, and I plan to run pfSense in a xenserver/esxi whenever my new hardware arrives.

My ISP offers me 5 public IP addresses… dynamically, using dhcp. Basically, plug in ethernet and you get an ip.

Is there a way to assign 4 of them for 4 specific mac addresses in the LAN interface of pfSense, and the 1 remaining one for the rest of the machines connected to pfSense?

My end goal is to have unique addresses for the machines, where the 4 machines each update their dynamic dns to different addresses (bindis-mumbleserver.dy.fi, bindis-plexmediaserver.dy.fi) and then on my friends dns server I will create aliases for those (mumble.bindibox.net, plex.bindibox.net). And I want to have the possibility to run (for example) two mumble servers on different VMs, on the same port (so connect to mumble-1.bindibox.net or mumble-2.bindibox.net)

For example:

+------------------------------+---------------+------------------+-------------+
| publicip (from dhcp, random) |  internalip   |   machine name   |     mac     |
+------------------------------+---------------+------------------+-------------+
| 94.22.16.1                   | 192.168.1.110 | mumble-server    | xx:xx:xx    |
| 94.4.5.1                     | 192.168.1.115 | plexmediaserver  | yy:yy:yy    |
| 94.16.3.1                    | 192.168.1.120 | personalvm       | zz:zz:zz    |
| 94.103.55.2                  | 192.168.1.125 | xbmc             | pp:pp:pp    |
|                                                                                                           |
| 94.103.55.10                 | 192.168.1.101 | random-machine-1 | ra:nd:om:01 |
| 94.103.55.10                 | 192.168.1.102 | random-machine-2 | ra:nd:om:02 |
| 94.103.55.10                 | 192.168.1.103 | random-machine-3 | ra:nd:om:03 |
| 94.103.55.10                 | 192.168.1.104 | random-machine-4 | ra:nd:om:04 |
+------------------------------+---------------+------------------+-------------+

bindi · Oct 9, 2015, 2:46 PM

Well, thanks to #pfsense I have this working now. Adding this for others and mainly myself, so I can re-do this at a later point :)

First I created a static dhcp lease for the machine that I wanted to use a certain WAN interface:
(if you run into trouble with the machine not using the static lease ip, make sure all other dynamic leases for the machine are removed, I had to do that and restart networking for this ubuntu machine for the static lease to go into effect)

Also I selected " Register DHCP static mappings in the DNS Resolver" under Services->DNS Resolvers so I can address this machine with "ubuntu" or "ubuntu.bindibox.net" (my local domain name)

In Hyper-V, I have created a Virtual Switch attached to my physical WAN connection:

and pfSense uses this for WAN aswell.

I shut down the pfSense VM, and gave it more network adapters in the VM settings:

and attached all of them to the vswitch that I mentioned above:

then under Interfaces->Assign in pfSense, I assigned the newly attached WAN interfaces and named them like so (i plan to name them wanubuntu, wanmumble, wanplexmediaserver so its more easier to understand which interface i want to use for which virtual machine):

Then under Firewall->Rules, under LAN tab I created a new rule:

and put it above the other rules by selecting the other rules and pressing "move other rules to the end":

You might want to remove gateway monitoring for all but one of them, under System->Routing by editing the gateways listed in there, for this very technical reason:

< monitus> apinger being a pile of poop and not working correctly with multi wan

Voila, it works!

First wget is before applying the previous rule we created, second wget is after the rule is applied: