[HELP] pfSense VLAN over ADSL - Advanced Setup.
-
Dear all,
I have a situation where by i need to dial PPPoE session within VLAN through 3 ADSL modems. To explain this situation, here's my setup:
1. 3 ADSL Modems from ISP that provides VLAN 500 (internet) and VLAN 600 (IPTV)
2. Dell Power Edge 210 Dual NIC
3. HP 1810-24 Layer 2 Switch.Here's the diagram (attached)
Situation:
pfSense dials PPPoE session through VLAN 500 . Since this setup mainly uses 3 Modems, i hit the wall when trying to make pfSense dials 3 modems . Each modems expects VLAN 500 ID . I'm not sure how to achieve this.
My situation is somewhat the same as this https://forum.pfsense.org/index.php?topic=62823.0 . Reading from that link:
A. Would i need the QinQ ?
B. If QinQ is required, would my hardware supports it? Not sure whether the switch can do it or not.
C. Is there any example setup of QinQ from pfSense?Thank you.
-
wouldn't simple solution just be to use 3 nics on pfsense that connect to each modem..
-
One Intel Quad Port card is able to solve this situation with 3 WAN ports and one LAN Port
where the switch will be attached then. You can easily create then three Gateways, each for
a WAN Port and do a load balance over them.And what is your provider saying about this situation you are in?
I mean what is when he is selling only one modem to a client that want to get Internet and IPTV?
How this client must assemble his firewall to manage this? What ISP do you using that is selling
such a modem that is only able to deal with one VLAN if two VLANs are there? -
Dear johnpoz,
Thank you for your time to read and respond to my post thread. I do agree on having multiple NIC's would solve this problem but i'm not sure which product would fit my needs since Dell PowerEdge 210 is a 1U configuration size, i would need a product which can fits 1U size and until now, i'm still trying my best to search for that. If you do stumble upon it or any other best practice solutions, please do let me know.
Dear BlueKobold,
Thank you for your time to read and respond to my post thread too, although as painful as it looks, my ISP is Telekom Malaysia and they wouldn't care since their KPI (key performance index) is to ensure internet and IPTV (you are correct to assume that IPTV also being served as VLAN ID 600 - another puzzle to solve later) is served until modem . What the end customer would do regarding on how to NAT or manage 3 modems doesn't "fall" in their KPI area. As for the Intel Quad Port, please refer to my respond above to johnpoz.
Please do forgive me since English is not my native language. I'll try my best to explain as much as i can and as clear as i can. Thank you
-
…..i would need a product which can fits 1U size and until now, i'm still trying my best to search for that.
I don´t know your chance to get your hands on a refurbished Intel Quad port NIC but this might be perhaps
another situation in Malaysia as here in Germany or in the USA. try out to find some of this NICs shown under
the Link.Back to your problem I would assume that you are connecting each modem to one switch port
and each switch port is assigned to two VLAN numbers. So each switch port will be a member
of two VLANs. And the IP address of the VLAN will be then the gateway at the pfSense WAN set up.
Would this go straight?although as painful as it looks, my ISP is Telekom Malaysia and they wouldn't care since their KPI (key performance index) is to ensure internet and IPTV
I am pretty sure that the other customers must also solve out this problem with the both VLAN IDs
and there fore it might be that the technical hotline from the Telecom Malaysia will be able to provide
you an answer on this question. -
Dear BlueKobold,
Thank you for the link, i'll take a look at it. It's quite hard to find Quad Port NIC here in Malaysia and if it exists, the price is really like buying 100gram of gold, but thank you sir, i'll take a look at it.
Regarding your comment on modems employs one switch port each (3 in this case) . I don't quite get the part where each switch port would be a member of 2 VLAN. Please correct me if i'm wrong as per what i understand the following VLAN layout:
First VLAN
–-------------- Modem 1 VLAN ID = 10
- Modem 2 VLAN ID = 11
- Modem 3 VLAN ID = 12
Second VLAN
-
Modem 1 VLAN ID = 500
-
Modem 2 VLAN ID = 500
-
Modem 3 VLAN ID = 500
-
LAN/WiFi Client = 60
First VLAN tag sequence
Tagged Port 12 and Port 1 = PVID 10
Tagged Port 12 and Port 2 = PVID 11
Tagged Port 12 and Port 3 = PVID 12Second VLAN tag sequence
Tagged Port 12 and Port 1 = PVID 500
Tagged Port 12 and Port 2 = PVID 500
Tagged Port 12 and Port 3 = PVID 500Other sequence
Tagged Port 12 and Port 13 = PVID 60
Please refer to attached picture for references .
Is this what it should look like ? Please do excuse my VLAN knowledge since i'm beginner at best with VLAN manipulation or VLAN with pfSense. Thank you for reading and above else, thank you for responding.
-
So it has dual ports built in right? So you have 1 for wan and 1 for lan. So you really only need a dual port card to add to its 1 slot that available. That would give you your 3 wan you need an 1 lan.
So I see this off the ebay.my site
http://www.ebay.com.my/sch/i.html?_from=R40&_trksid=m570.l1313&_nkw=Broadcom+Dual+Port+1GbE+NIC&_sacat=0
84RM is only $20 USD… I would think that has to be a decent price... That top one has free postage even, the 2nd one is 30RM postage... Even with the postage these prices would seem reasonable to spend.
Those 5709 nics seems to be on the list of compatible cards
http://www.dell.com/us/business/p/poweredge-r210/pd -
So it has dual ports built in right? So you have 1 for wan and 1 for lan. So you really only need a dual port card to add to its 1 slot that available. That would give you your 3 wan you need an 1 lan.
So I see this off the ebay.my site
http://www.ebay.com.my/sch/i.html?_from=R40&_trksid=m570.l1313&_nkw=Broadcom+Dual+Port+1GbE+NIC&_sacat=0
84RM is only $20 USD… I would think that has to be a decent price... That top one has free postage even, the 2nd one is 30RM postage... Even with the postage these prices would seem reasonable to spend.
Those 5709 nics seems to be on the list of compatible cards
http://www.dell.com/us/business/p/poweredge-r210/pdDear johnpoz,
Thank you sir for your respond and the link that you suggested. I did my research on the compatible cards and i found a good list of candidates and it should be no problem for me to order and purchase it. 84RM is a good deal considering that it's a dual port, most of the dual ports here costs at least 250RM and above. Anyway thank you again sir.
