Multi-WAN support with same gateway on multiple interfaces ***{NOW $650}***
-
@ermal:
Well there is a way adding to pf(4) the ability to directly send arp packets in the wire :).
But if i add that then it will open up the ability to do arp level(layer2) balancing wouldn't it :P
I don't think that would solve it though - we're talking about the same MAC address on both interfaces as well generally, so L2 load balancing wouldn't fix this. It has to have a way to leave a particular physical interface, without using anything L2-L7.
-
@cmb:
@ermal:
Well there is a way adding to pf(4) the ability to directly send arp packets in the wire :).
But if i add that then it will open up the ability to do arp level(layer2) balancing wouldn't it :P
I don't think that would solve it though - we're talking about the same MAC address on both interfaces as well generally, so L2 load balancing wouldn't fix this. It has to have a way to leave a particular physical interface, without using anything L2-L7.
I thought it was the same ip for the gateway ;)
For the same mac address not much can be done with different environments ;-{
-
I really have no idea how pfSense works, because I am just in the thinking stages of whether I should move to a pfSense/IPCop router or should keep my perfectly fine cisco multi-wan VPN router. Nevertheless, I'd like to throw this idea out there (please don't flame if it's a stupid idea).
It seems that multi-wan support is merely an appendage feature that's thrown in at the end of the project without much thought behind it. But, wouldn't it be better if IpTables was redesigned to simply address which ethernet port the packets should be forwarded to?
--------------------

Something like this would be the setup for someone who wants to have one group of PCs use one modem, and another group of PCs use another modem:

| IP Range | Default Ethernet Adapter | Backup Ethernet Adapter | Load Balance Switch Threshold (kbps) (Note1) | Applicable Ports (Note2) |
|---|---|---|---|---|
| 192.168.0.* | 0 | 1 | 2000 | * |
| 192.168.1.* | 1 | 0 | 2000 | * |
| 192.168.1.0-192.168.1.10,192.168.1.15,192.168.1.34 | 0 | 1 | 2000 | * |

--------------------

And using the same table, but going with a different need, something like this would be the setup for someone who wants, for all PCs, to direct certain types of traffic to one modem, and other types of traffic to go to another modem:

| IP Range | Default Ethernet Adapter | Backup Ethernet Adapter | Load Balance Switch Threshold (kbps) (Note1) | Applicable Ports (Note2) |
|---|---|---|---|---|
| * | 0 | 1 | 2000 | * |
| * | 1 | 0 | 2000 | 80-81,500 |

--------------------

(Note1) Set "Load Balance Switch Threshold" to 0-kbps to never load balance, meaning the backup ethernet adapter would only be used if the first one failed.
(Note2) If you leave out a port, the router will not forward packets on that port to any ethernet adapter, meaning the packet on that port would be dropped (blocked) like an outgoing firewall.
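The lookup that the proposed table implies, sketched as an added example; it is not code from the thread, from pfSense or from pf. It assumes that the last matching row wins (the way pf evaluates filter rules without `quick`), that the threshold is compared against the default adapter's current load, and that `link_up` and `load_kbps` are supplied by some monitoring component; all function and variable names are hypothetical.

```python
import ipaddress

# Constructed from the two tables in the post:
# (ip_spec, default_adapter, backup_adapter, threshold_kbps, port_spec)
TABLE_1 = [
    ("192.168.0.*", 0, 1, 2000, "*"),
    ("192.168.1.*", 1, 0, 2000, "*"),
    ("192.168.1.0-192.168.1.10,192.168.1.15,192.168.1.34", 0, 1, 2000, "*"),
]
TABLE_2 = [("*", 0, 1, 2000, "*"), ("*", 1, 0, 2000, "80-81,500")]

def ip_matches(spec, ip):
    """Match '*', 'a.b.c.*', single addresses and 'lo-hi' ranges, comma separated."""
    addr = ipaddress.ip_address(ip)
    for part in spec.split(","):
        if part == "*" or (part.endswith(".*") and ip.startswith(part[:-1])):
            return True
        if "-" in part:
            lo, hi = (ipaddress.ip_address(p) for p in part.split("-"))
            if lo <= addr <= hi:
                return True
        elif not part.endswith(".*") and addr == ipaddress.ip_address(part):
            return True
    return False

def port_matches(spec, port):
    """Match '*' or a comma separated list of ports and 'lo-hi' ranges."""
    if spec == "*":
        return True
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        if int(lo) <= port <= int(hi or lo):
            return True
    return False

def select_adapter(rules, src_ip, dst_port, link_up, load_kbps):
    """Return the egress adapter index, or None when the packet is dropped."""
    hit = None
    for rule in rules:  # assumption: the last matching row wins
        if ip_matches(rule[0], src_ip) and port_matches(rule[4], dst_port):
            hit = rule
    if hit is None:
        return None  # Note 2: no row lists this port, so the packet is dropped
    _, default, backup, threshold, _ = hit
    if not link_up.get(default):
        return backup if link_up.get(backup) else None  # failover
    # Note 1: threshold 0 disables load balancing; backup is failover only
    if threshold > 0 and load_kbps.get(default, 0) >= threshold and link_up.get(backup):
        return backup
    return default
```

With last-match-wins ordering, the third row of the first table overrides the broader `192.168.1.*` row for the listed hosts, and the port-specific row of the second table overrides the catch-all row for ports 80-81 and 500.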
-
Well, ;D, you remind me of why so many people talk as they please and few of them do the real work.
-
That is a really cool idea and would put pfsense above all others! Unfortunately, it is going to take some massive rewrite and someone's commitment to accomplish that. I will put down $200 out of my own pockets to see work being done in that direction.
-
@ermal:
Well, ;D, you remind me of why so many people talk as they please and few of them do the real work.
I'm sorry..
That is a really cool idea and would put pfsense above all others! Unfortunately, it is going to take some massive rewrite and someone's commitment to accomplish that. I will put down $200 out of my own pockets to see work being done in that direction.
Thank you
I would be inclined to support a project with this functionality as well, but I only learned about pfsense and feature bounties today. I am wondering what the track record is and/or likelihood that something would actually be developed.
-
The bounty system proved successful for the traffic shaper. Now it is vastly improved and functional.
-
I would be inclined to support a project with this functionality as well, but I only learned about pfsense and feature bounties today. I am wondering what the track record is and/or likelihood that something would actually be developed.
For this feature, I don't know how likely it is to be completed. This is a more difficult one to implement than ones that have been completed in the past.
The only problem to date with bounties is people pledging support and never paying. The last one I did was even worse - I bought the hardware the company was using so I could implement the desired functionality with the promise it would be reimbursed, did the work as agreed upon and it was successfully completed. They refuse to pay, so I'm out $450 USD out of my pocket plus all the time spent. Losing time is one thing, losing that much money out of my pocket is another entirely… Lesson learned, I'll never buy any hardware under the promise of reimbursement again.
The bounty system has proven to be a great way to get functionality implemented for the end users. The developers have gotten screwed on multiple occasions, to varying degrees, but no end user has ever gotten less than promised.
-
@cmb:
I would be inclined to support a project with this functionality as well, but I only learned about pfsense and feature bounties today. I am wondering what the track record is and/or likelihood that something would actually be developed.
For this feature, I don't know how likely it is to be completed. This is a more difficult one to implement than ones that have been completed in the past.
Thank you for replying. It seems that there are many, many threads that I see on the internet about "why doesn't IPCop support multi-WANs", and "why is it so hard to get multi-WANs working in pfSense". Therefore, I would assume that well-designed, intrinsic functionality to support a multi-WAN environment should be a high priority.
But nevertheless, are you saying that I should not pledge any money on this project because it is not likely to be completed? I would really appreciate a realistic projection.
Thank you
-
Well nobody stops you from pledging!
The problem is that the offer should be serious and so should be your commitment when the bounty is finished.
I do not think that multi-WAN in pfSense is difficult, though in 1.3 the configuration has changed somewhat.
The first thing before pledging money is stating what are your needs and after that what is your pledge.
Ermal
-
@ermal:
Well nobody stops you from pledging!
The problem is that the offer should be serious and so should be your commitment when the bounty is finished.
I'm serious about getting something done. I'm not going to pledge money for this idea if cmb is saying it's not going to be doable…....
-
Actually it is quite doable and i am one of the possible implementers of it. Just need to be convinced to do it…..
-
That's good news. I'm very serious about committing $200 of my personal money for this. I use pfsense for home use only as I am a geek =D I paid a little for the traffic shaper changes even though I do not use it but I hear it was well worth it.
Cheers!
-
@ermal:
Actually it is quite doable and i am one of the possible implementers of it. Just need to be convinced to do it…..
Great.. How much total pledge money will convince you?
-
How much total pledge money will convince you?
You make your offer and i will give my answer.
-
At this point, I am considering pledging an additional 200 USD on top of GoldServe's 200.
However, I would feel more comfortable with a bit more convincing that a feature such as this is even feasible to do in the first place. On page 1, you and cmb were discussing possibilities on how to tackle this initiative, and it didn't appear to have much resolution.
I appreciate your response.
-
Sorry not interested with this pledge since it is a major undertaking, really.
For the matter this is doable with some hacks directly to the kernel not fancy ones but it is doable.
-
Thanks anyway ermal.
Any other developers out there?
Any other pledges?
-
There hasn't been much activity on this thread for a while, but I would be willing to pledge $100 to have this sort of support added to pfSense.
-
I'll pledge whatever I can sell my 3 linksys wired routers for, probably $50.