Re: [pfSense Support] monitoring bandwidth usage of individual lan addresses
On Sun, Jun 15, 2008 at 5:43 PM, Daniel Lloyd [EMAIL PROTECTED] wrote: The bandwithd package does just that. But he's running on a ALIX board, isn't he most likely using the embedded version which does not support packages? -Dave - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] monitoring bandwidth usage of individual lan addresses
On Mon, Jun 16, 2008 at 3:07 AM, David Rees [EMAIL PROTECTED] wrote: On Sun, Jun 15, 2008 at 5:43 PM, Daniel Lloyd [EMAIL PROTECTED] wrote: The bandwithd package does just that. But he's running on a ALIX board, isn't he most likely using the embedded version which does not support packages? Ah, missed that. No way currently to run packages on embedded, it's not capable of saving data for things of this nature because of the limits of CF. Some people do full installs on CF and run that way, it's not recommended because theoretically it'll kill your CF. In practice, I know of a number of people running that way and have yet to hear from one who killed a CF card. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] monitoring bandwidth usage of individual lan addresses MORE
yeah, i have a 512mb CF card in there, and yeah it only stores log info.. When I had to do a reformat not too long ago, I tried installing onto a 4GB CF card instead, but since you have to run the installer for embedded in DOS, it hit the cylinder limit and screwed up in the formatting process.. My ALIX board has a 44 pin socket that would take a laptop HD, but I haven't quite figured out physically why they built it so screwed up. In order to connect a drive directly, I'd have to remove my case, and stick the HD in sticking straight up in the air. There is no room for it at all in the casing, even if I rigged a ribbon cable in there. However I have been building a box myself, that is basically done, that uses an old, but really small MB w/ P3 - And I have 5 NICS in there right now, a slim cdr, a floppy, and that 4GB CF card as the HD. I haven't tried it out yet, as I bought the ALIX board, and kinda lost interest, or rather haven't had a need for it until now I suppose.. I also just acquired a Cisco 7507 router, and I'm kinda trying to figure out how to reconfig or config my network properly. I should draw out a network diagram and post it up here, as I know no one who knows one thing about what I'm doing. :) So I will post that asap, once I draw it all out... But I had a few other questions I might need answered before the config can be completed... I have an Apple Airport Extreme - the a/b/g/n one - and it's a piece of crap. :) I mean I got it a while ago, and I primarily do use Macs so it made sense. But the range on the thing sucks, and whenever I'm simply streaming a movie from a NAS device, the thing goes nuts - doesn't play full speed, and the port on the Cisco router it's connected to indicates problems with the flashing green-to-orange.. I can be on the other side of the office, and only have a 30% signal running N only on 5ghz. I have it maxed out - it's just crap. But my ALIX board has 2 miniPCI slots on it that I have yet to mess with. I need something super powerful in regards to range, speed, and multicast. And I know you can't throw 2 wireless cards in there, so what can the other slot be used for? And what miniPCI wireless card would you recommend that I could potentially (as an example) stream a movie a 1/2 mile away? I have access to my roof, and my building is taller than most in this general area, but I live/work in the South Bronx. :) There are so many wireless networks it's insane. I saw these one cards, I can't recall the brand at the moment, but they are operating on the old 900mhz freq. and are supposed to get crazy range, even through walls, which is good, as my building is all brick, exposed brick, and I heard this eats wireless signals. What kind of setup do you suggest? Basically I have 12 enterprise class servers, about 5 workstations, 3 cisco 2924XL-E switches, the ALIX board, the pfSense box in the works, the Apple Wireless, 2 Cisco 2600 series routers that I have no idea what to do with, 5 static IPs but I'm only using one right now, and the Cisco 7507 router fully loaded to the hilt - and running primarily OSX Server, Fedora Core, and Solaris. I got some issues... :) I need to format a windows server - but I dread windows server software... That Cisco router I bought an extra processor board for - so once I get it running, it should be the king. But the 2 sides of it function independently. Oh yeah, and I'm running a combo of copper and fiber. lol. Any ideas, suggestions, comments, would be greatly appreciated. Thanks again. -patrick Patrick M. Murray, M.F.A. http://www.patrickmurray.net On 16 Jun 2008, at 03:11-0400, Chris Buechler wrote: On Mon, Jun 16, 2008 at 3:07 AM, David Rees [EMAIL PROTECTED] wrote: On Sun, Jun 15, 2008 at 5:43 PM, Daniel Lloyd [EMAIL PROTECTED] wrote: The bandwithd package does just that. But he's running on a ALIX board, isn't he most likely using the embedded version which does not support packages? Ah, missed that. No way currently to run packages on embedded, it's not capable of saving data for things of this nature because of the limits of CF. Some people do full installs on CF and run that way, it's not recommended because theoretically it'll kill your CF. In practice, I know of a number of people running that way and have yet to hear from one who killed a CF card. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Two IPs on Lan interface
On Mon, Jun 16, 2008 at 5:35 AM, Matias Surdi [EMAIL PROTECTED] wrote: Is it possible to add another IP to the LAN interface? How must it be done? Thanks. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Only if your NIC is VLAN compatible, but you will have to use a managed switch also.
[pfSense Support] two gateways on the samen network
Suppose I've an OPT interface connected to a network where I've two other gateways, how can I do policy routing to thesese routers? As far as I can see, pfSense just allows one gateway per interface.Am I wrong? Thanks a lot. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] two gateways on the samen network
Matias Surdi wrote: Suppose I've an OPT interface connected to a network where I've two other gateways, how can I do policy routing to thesese routers? As far as I can see, pfSense just allows one gateway per interface.Am I wrong? Thanks a lot. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] No, you're correct, one gateway per-interface is what it currently supports. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Re: two gateways on the samen network
Gary Buckmaster escribió: Matias Surdi wrote: Suppose I've an OPT interface connected to a network where I've two other gateways, how can I do policy routing to thesese routers? As far as I can see, pfSense just allows one gateway per interface.Am I wrong? Thanks a lot. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] No, you're correct, one gateway per-interface is what it currently supports. but. I've just found System-Static Routes. that seems to do the job for me :-) Thanks. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Re: two gateways on the samen network
Matias Surdi wrote: but. I've just found System-Static Routes. that seems to do the job for me :-) Thanks. Yep, that's true. If you only need static routes, then that'll work just fine. That wasn't immediately clear from your initial email. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Two IPs on Lan interface
Will this be a feature in 1.3?? I was actually quite shocked the first time i found out m0n0wall or PFSense didn't support secondary IP Address's. I decided to just use another NIC card for a second LAN subnet and plug both interfaces into the same switch. This will actually scale better, because now we have the option of creating totally separate physical network. Thanks for another work around and script!! Adam Bryan Derman wrote: I've add another IP to the LAN interface by creating an alias on the LAN interface. Via the shell (either use Diagnostics - Command or login via SSH) issue the applicable ifconfig command: e.g., to create an IP alias of 172.16.1.1 for the LAN where the LAN is on the interface xy0: ifconfig xy0 alias 172.16.1.1/24 e.g., to remove an IP alias of 172.16.1.1 from the LAN where the LAN is on the interface xy0: ifconfig xy0 remove 172.16.1.1 Such a setting will disappear upon reboot, but if you create a script and place it in the directory /usr/local/etc/rc.d it'll get executed at the end of the startup: e.g., create a shell script named /usr/local/etc/rc.d/addLANalias.sh that contains --- #!/bin/sh if test $1 = start then /bin/echo -n 'Adding LAN alias to sk0 ... ' /sbin/ifconfig sk0 alias 172.16.1.1/24 echo 'done' fi --- then issue the commands: /bin/chmod 755 /usr/local/etc/rc.d/addLANalias.sh /usr/sbin/chown root:wheel /usr/local/etc/rc.d/addLANalias.sh /etc/rc.d/* files get executed by /etc/rc via /etc/rc.start_packages at bootup. Hope that helps. FYI, on Thu, 7 Feb 2008 04:36:40 -0800 I wrote to this list and asked --- After searching ..., I've not found anything about the best/correct strategy to use to support multiple LAN subnets on a single LAN port. The Questions = - is using address aliases the correct/optimal/best way to create the WAN aliases? - if using address aliases is *not* the best way, what is? ... --- It appeared that my WAN instead of LAN typo in the Questions section was understood. On Thu, 07 Feb 2008 13:36:28 -0500 Chris Buechler posted the response --- I have a document that describes in detail the steps required to accomplish this, though not accessible right now. You're partially right, partially wrong. I'll put it online somewhere later. --- I never received nor found that document but I've used the alias strategy ever since and not encountered any issues other than the fact that the Status - Interfaces web page will report the interface alias instead of the one originally configured. I only mention this because there may be a better way to do this (my level of expertise in this area is only enough to make me _real_ dangerous). Specifically, I don't mean to be critical of Chris as I know how easy it is to miss an email, etc. and the web site (and documentation stuff) was also in much transition at that point in time. There's ample evidence of Chris' excellent responses, including to other questions of mine, and I very much appreciate an respect his key involvement and the results. In fact, there's an all-too-small percentage of commercial software products, let alone open-source projects, that have the overall quality that I've seen with pfSense, its support and even it's overall focus and business. __ Previous message from Matias Surdi on 2008-06-16 at 12:35 PM +0200 -- |Is it possible to add another IP to the LAN interface? | |How must it be done? | |Thanks. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Re: two gateways on the samen network
Matias Surdi wrote: but. I've just found System-Static Routes. that seems to do the job for me :-) If all you need is static routes that's fine. If you need to policy route to multiple gateways on the same interface, that's not possible in 1.2 but it is in 1.3 already. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Two IPs on Lan interface
On Mon, Jun 16, 2008 at 2:55 PM, Bryan Derman [EMAIL PROTECTED] wrote: I never received nor found that document but I've used the alias strategy ever since and not encountered any issues other than the fact that the Status - Interfaces web page will report the interface alias instead of the one originally configured. Sorry about that, got dropped at some point (I get so much email I can't possibly reply to it all, this fell through at some point). Document I spoke of is now available here: http://doc.pfsense.org/multiple-subnets-one-interface-pfsense.pdf I already wrote the code to support this in the GUI for 1.3. It needs some finishing touches, but it works already (aside from removing IPs when they're deleted). The reason it's not supported to date is it shouldn't be done this way, two IP subnets on the same broadcast domain is considered poor network design. Cisco does not support secondary addresses on PIX/ASA, for one example. But it is more commonly needed in routers for a variety of reasons, and pfSense is getting used more and more as a router, so it was something we saw the need to implement. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
