Tunneling and multi-homing?



  • Bear with me, this is a weird setup, and I'd like to try to validate it.

    I currently have DSL and cable at home (I work from home, hence the redundancy).  The DSL is under my control - I have access to the ISP side since I work there.  Currently I have a block of static IPs on both.  This all works well.

    The cable business internet rates are going up a lot, so I'm moving to residential FiOS and ditching the cable.  I will lose the block of statics from the cable line obviously.  What I'd like to do is nail up a tunnel (OpenVPN or IPSEC) on the FiOS line back to the PoP where my DSL originates.  Additionally I'd like to setup some type of dynamic routing with one path being the DSL link and the other being the tunnel.  I do NOT want to use this for all traffic, just outbound ssh/http/https to some netblocks and for inbound traffic.

    This does seem like it should work, but I'm not totally confident I can make all these moving parts play nicely together.



  • Any tips?  Just to reiterate, I do have full control of the tunnel endpoint where I'll be allocating the block from.



  • One more shot, I can't be the only one doing this. :)

    So let's say I have my tunnel set up, be it IPSEC, GRE, whatever.  I have a block of IPs routed over the tunnel TO the pfsense box.  How do I in turn make those IPs usable in both a 1:1 NAT setup AND make some available on another interface (ex. on a VLAN on the LAN side of the pfsense box)?