PfSense Capabilities with AT&T Gateway



  • Hello All,

    I am new to pfSense and from everything I have read it sounds really impressive.  We have moved into a new office building and several businesses are going to share a 6 megabit dsl line from AT&T.  This will be fine as long as none of the tenants hog up the bandwidth.  Because of this, i would like to use traffic shaping.

    It sounds like a great idea, but I am not sure if it will work in our situation.  Here's why:  The dsl router is installed in a central comm room and the building does NOT have cat5 run throughout the offices.  I have no idea why, it's less than 1 year old so it is really strange there is no cat5… Anyway.  We ran a single cat5 cable from the comm room to our office so we could plug in all of our voip phones through a switch at the end of that cable.  I would like to hook a pfsense server into that switch to perform firewall and traffic shaping functions, but I don't know if that is possible.

    the reason I am so unsure of this is because this gateway handles the connection to the dsl, the built in switch (which pfsense would run from) as well as handing out the wireless signal.  I am not a network guru so I don't know if what I want to do is even possible.  It just seems like the device would give the data to other users instead of sending it to pfsense.  Any ideas?

    By the way, we are using the 2wire 2701HG-B gateway provided by at&t.  Here is the link for more information:  http://store.att.com/Catalog/ProductDetails.asp?ProductId=1000%2D401047%2D000&CategoryId=catMRG&show=Specs

    Thank you for your help!

    Br



  • @ds36:

    I am new to pfSense and from everything I have read it sounds really impressive.  We have moved into a new office building and several businesses are going to share a 6 megabit dsl line from AT&T.  This will be fine as long as none of the tenants hog up the bandwidth.  Because of this, i would like to use traffic shaping.

    Because you don't control the actual endpoint connecting you to the Internet, you can't effectively traffic shape. You can shape on the assumption you will get a certain amount of bandwidth, but that does nothing to control the companies you're sharing it with. The other problem with that is variable available bandwidth because you'll never know how much the other companies are using.

    Point being - perfect traffic shaping is pretty much impossible in this scenario because you don't have adequate control over the connection. It'll help some to prioritize just your traffic, but the results won't be ideal if others are beating up on the connection.



  • Because you don't control the actual endpoint connecting you to the Internet, you can't effectively traffic shape.

    After re-reading my post I realized that I misspoke.  The dsl gateway is in the comm room and I do have access to it.  Would prefer to have the pfSense server in my office but if I can't have it here, I can put it in the actual comm room.  I have full control to the end point, the server location was just a preference.  The gateway, on the other hand, can not be moved from the comm room.

    Is it possible to shape traffic when the gateway provides the switch & wireless?  I guess the problem is, it would look something like this:

    Scenario 1: Internet > Gateway > pfSense

    When it should probably look something like this:

    Scenario 2: Internet > dslModem > pfsense > switch & wireless access point

    Is the first scenario possible, or is only the second going to cut it?  If only the second will cut it, I think we can use the gateway as a dsl modem by turning off the wireless.


Log in to reply