Re: RES: [pfSense Support] Subnets in same NIC

[Victor Pasten]

- "Ivanildo Galvão - IT Services"  escribió:

> Without doubt , I agree with you. The ideal would be to create VLANs,
> or have more than one network interface and each connected to a
> network, or switch to adifferent wireless AP , but when the customer
> does not have these resources and how 've used Linux before and asked
> to do the same with pfSense , I accepted to do this on your network .
> 
> So the solution lay in pfSense create Virtual IP , is it? The setting
> is the firewalltab , correct? By creating a virtual IPO rager ,
> attached to the LAN interface ?
> 
> 
> 
> 
> 
> Ivanildo Galvão - MCP, MCT, MCSA, VSP
> 
> Consultor de Tecnologia
 
Hi guys,for Virtual ips, go to menu:

Firewall -> Virtual IP -> Ip alias 
(http://doc.pfsense.org/index.php/2.0_New_Features_and_Changes#Aliases )

Obviously, you CAN'T use services like dhcp, because the physical media is 
common to all sub-networks.

- Plan B, 
http://produto.mercadolivre.com.br/MLB-196366203-switches-cisco-12-portas-_JM  
US$50 and enjoy... more secure, flexible, with dhcp, etc.

bye

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Re: [pfSense Support] Success Story

[Jim Pingle]

On 8/30/2011 8:21 PM, Nathan Eisenberg wrote:
> It seems like there are always questions and/or complaints on this list, so I 
> just wanted to share a success story.
>
> We just returned (this weekend) from running the PC gaming network at Penny 
> Arcade eXpo's west coast event.  This is a rather high profile event attended 
> by 60,000+ people, with the PC gaming room being divided into two sections - 
> PC Freeplay, with Intel powered machines donated by Intel themselves, and 
> BYOC, which is more like a regular LAN party where people bring their own 
> rigs.  They both share a common internal network (/22) so that they can play 
> games with eachother.

Awesome!

> One of the major issues this event has always faced is bandwidth.  The 
> convention center's bandwidth is extraordinarily expensive, so the event is 
> only able to afford a 45Mbps connection (for 500-600 gaming PC's).  This 
> connection has to support regular web browsing, email, IM, etc, as well as 
> game traffic AND game patch traffic (ala Steam and Battle.NET).  Further 
> complicating matters, at some points, there are also video streams and 
> tournaments with real money riding on them, which have to run smoothly.
> Up till now, this has always been accomplished with traffic shaper rules, but 
> these are complex, and difficult to explain to others.  They're also not easy 
> to adjust in an adhoc manner.  This year, we tried out the bandwidth limiter 
> feature, and basically created different buckets for the protocols and ports 
> we wanted to allow.  This made it extremely easy to make sure that there was 
> ALWAYS bandwidth available for the PC attached to a projector showing a video 
> stream, and that the people playing in the Starcraft 2 tournament had enough 
> bandwidth to log on.  It was easy to tweak and adjust as the demands evolved.
> So, to whoever built that feature- THANK YOU!

Yes the limiters are a very easy way to setup containers for bandwidth
and impose limits for a group or per-IP limits as well. Some (like you)
have found it an easier alternative to achieving bandwidth guarantees
than traditional shaping rules, and they fill in a few gaps where those
make things difficult/impossible.

> My one bit of feedback: The 'Limiter Info' page is currently *very* hard to 
> decipher.  It would be quite nice if there was a readily available breakdown 
> (maybe in graph form, too?) of the different limiters and their utilization.

That might be doable for the future. It being a new feature things are
still a little rough in the reporting department. We are moving to
jQuery for pfSense 2.1 so I imagine someone will turn up a nice graphing
widget we can use to make that a bit easier to read.

> Pics (apologies for the shameless plug - it's the only location that I have 
> them available at):
> http://www.facebook.com/media/set/?set=a.10150348477738933.398042.102500853932
> 
> PS - you can't see it due to the contrast, but on the picture with the rack 
> and monitor, that monitor was showing the realtime bandwidth utilization (the 
> SVG graph thingy), and people seemed to think that was pretty neat!
> PPS - Oh, here's one where you CAN see it, kinda: 
> http://hphotos-snc7.fbcdn.net/322411_10150348722388933_102500853932_9609136_7921564_o.jpg

The real time graphs are always a hit. :-)

Thanks for sharing!

Jim

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Re: [pfSense Support] Subnets in same NIC

[Isamar Maia]

I wouldn't bet on this approach.

Create a /16 network, 192.168.0.0/255.255.0.0 and live happy.

Isamar


2011/8/30 Ivanildo Galvão - IT Services 

> Without doubt, I agree with you. The ideal would be to create VLANs, or
> have more than one network interface and each connected to a network, or
> switch to adifferent wireless AP, but when the customer does not have these
> resources and how've used Linux before and asked to do the same with
> pfSense, I accepted to do this on your network.
>
> So the solution lay in pfSense create Virtual IP, is it? The setting is
> the firewalltab, correct? By creating a virtual IPO rager, attached to the
> LAN interface?
>
> ** **
>
> * *
>
> *Ivanildo Galvão - **MCP, MCT, MCSA, VSP*
>
> *Consultor de Tecnologia*
>
> Tel. (84) 3201 2146 | Cel. (84) 9111 8873
>
> ivani...@itservices.com.br| www.itservices.com.br 
>
> Twitter: @ivanildogalvao 
>
>   
>
> ** **
>
> * *
>
> * *
>
> * *
>
> ** **
>
> *De:* Chris Buechler [mailto:cbuech...@gmail.com]
> *Enviada em:* terça-feira, 30 de agosto de 2011 21:44
>
> *Para:* support@pfsense.com
> *Assunto:* Re: [pfSense Support] Subnets in same NIC
>
> ** **
>
> ** **
>
> On Tue, Aug 30, 2011 at 8:39 PM, Ivanildo Galvão - IT Services <
> ivani...@itservices.com.br> wrote:
>
> Yeah, I know it works with VLAN, but wanted to implement something simpler,
> the problem is that the customer had this scenario before working with
> Proxywith Linux and pfSense he wants to have the same solution, on
> Linux it had asingle NIC which was subdivided
> into 03 virtual eth, eth each subnet representsa ranger, according to
> the MAC filter stations put Linux on their respective networks.
>
> I downloaded the version of pfSense RC3 today, here
> in VMware Workstationinstalled to see if I can find some option, but so
> far I see nothing that addressesthis need.
>
> ** **
>
> That's what IP alias virtual IPs are for. It's generally not a good
> practice to do so as having multiple subnets on a single broadcast domain is
> ugly, largely pointless, and considered poor network design, but you can.
> 
>
> ** **
>



-- 
Isamar Maia
Cel. VIVO SSA:  (55) 71-9146-8575
Cel. TIM SSA: (55) 71-9185-5264
Fixo:  (55) 71-4062-8688
日本: +81-(0)3-4550-1212
Skype ID: isamar.maia

RES: [pfSense Support] Subnets in same NIC

[Ivanildo Galvão - IT Services]

Without doubt, I agree with you. The ideal would be to create VLANs, or have
more than one network interface and each connected to a network, or switch
to adifferent wireless AP, but when the customer does not have these
resources and how've used Linux before and asked to do the same with
pfSense, I accepted to do this on your network.

So the solution lay in pfSense create Virtual IP, is it? The setting is the
firewalltab, correct? By creating a virtual IPO rager, attached to the LAN
interface?

 

 

Ivanildo Galvão - MCP, MCT, MCSA, VSP

Consultor de Tecnologia

Tel. (84) 3201 2146 | Cel. (84) 9111 8873

  ivani...@itservices.com.br|
 www.itservices.com.br 

Twitter: @ivanildogalvao 

  

 

 

 

 

 

De: Chris Buechler [mailto:cbuech...@gmail.com] 
Enviada em: terça-feira, 30 de agosto de 2011 21:44
Para: support@pfsense.com
Assunto: Re: [pfSense Support] Subnets in same NIC

 

 

On Tue, Aug 30, 2011 at 8:39 PM, Ivanildo Galvão - IT Services
 wrote:

Yeah, I know it works with VLAN, but wanted to implement something simpler,
the problem is that the customer had this scenario before working with
Proxywith Linux and pfSense he wants to have the same solution, on Linux it
had asingle NIC which was subdivided into 03 virtual eth, eth each subnet
representsa ranger, according to the MAC filter stations put Linux on their
respective networks.

I downloaded the version of pfSense RC3 today, here in VMware
Workstationinstalled to see if I can find some option, but so far I see
nothing that addressesthis need.

 

That's what IP alias virtual IPs are for. It's generally not a good practice
to do so as having multiple subnets on a single broadcast domain is ugly,
largely pointless, and considered poor network design, but you can. 

 

<>

Re: [pfSense Support] Subnets in same NIC

[Isamar Maia]

I know the kind of workaround of this scenario.

No sure if it's possible using PFSense's DHCP stuff.

I would try to set a /16 network, like 192.168.0.0/16 for the LAN interface,
and define
static IPs through DHCP service settings, for different profiles and users.

Anyway, we cant' say it's a safe way.

isamar


2011/8/30 Ivanildo Galvão - IT Services 

> Yeah, I know it works with VLAN, but wanted to implement something simpler,
> the problem is that the customer had this scenario before working with
> Proxywith Linux and pfSense he wants to have the same solution, on Linux
> it had asingle NIC which was subdivided into 03 virtual eth, eth each
> subnet representsa ranger, according to the MAC filter stations put Linux on
> their respective networks.
>
> I downloaded the version of pfSense RC3 today, here in VMware
> Workstationinstalled to see if I can find some option, but so far I see
> nothing that addressesthis need.
>
> ** **
>
> * *
>
> *Ivanildo Galvão - **MCP, MCT, MCSA, VSP*
>
> *Consultor de Tecnologia*
>
> Tel. (84) 3201 2146 | Cel. (84) 9111 8873
>
> ivani...@itservices.com.br| www.itservices.com.br 
>
> Twitter: @ivanildogalvao 
>
>   
>
> ** **
>
> * *
>
> * *
>
> * *
>
> ** **
>
> *De:* Isamar Maia [mailto:isa...@gmail.com]
> *Enviada em:* terça-feira, 30 de agosto de 2011 21:30
> *Para:* support@pfsense.com
> *Assunto:* Re: [pfSense Support] Subnets in same NIC
>
> ** **
>
>
> If your switch 3com is a managed one, maybe you can try to setup VLANs
> in the switch and inside your PFsense box settings.
>
> It's not so simple to do but it seems to be a cleaner solution.
>
>
> Isamar
>
> 
>
> 2011/8/30 Ivanildo Galvão - IT Services 
>
>
> Guys, need to make a single LAN network card, plugged into a switch 3com,
> IP
> delivery for different grinding machines that may connect to the network,
> for example:
>
> Computers on the internal network, get the IP subnet 192.168.0.0/24
> Computers visitors entering the network, get the IP subnet 192.168.1.0/24
>
> Is there any way to do this? It would be a MAC address?
>
> This works beautifully in another proxy that the client had was a Linux
> Ubuntu, he had an eth0-1 / eth0-2 / eth0-3, Linux was sending the IP
> address
> according to the MAC table, that the same eth0, he could perceive only the
> virtual interface eth0 (192.168.0.0/24 = 1, 2 - 192.168.1.0/24, 3 -
> 192.168.2.0/24)
>
> The pfSense is virtualized, I tried using two NICs connected to the same
> vm_network, each virtual NIC with DHCP, put each IP address tied to the mac
> due, but sometimes the machines come in a network, sometimes on another
> network, I need a solution urgent for a client.
>
> I appreciate everyone's help!
>
>
> Ivanildo Galvão - MCP, MCT, MCSA, VSP
> Consultor de Tecnologia
> Tel. (84) 3201 2146 | Cel. (84) 9111 8873
> ivani...@itservices.com.br| www.itservices.com.br
> Twitter: @ivanildogalvao
>
>
>
>
>
>
> -Mensagem original-
> De: Nicolas Roussi [mailto:nicolas.rou...@archimedean.org]
> Enviada em: terça-feira, 30 de agosto de 2011 19:38
> Para: support@pfsense.com
> Assunto: [pfSense Support] Traffic Shaper ?
>
> Hi, i am running 1.2.3 and I need some ideas on how to limit and prioritize
> traffic This is the setup
>
> internet <---10Mbps--->MainFirewall
> (NAT)<---1000Mbps--->pfSense(NAT)<1000Mbps--->1600 wireless clients
>|
>|
> servers
>
> Besides the double NATing, first I would like to make sure that traffic
> that
> goes to the Internet only uses 2MBps.
> Second, I would like to block everything except 80,443,548, 25 and a few
> other services (I can do that in the firewall settings) Third, from those
> services, I would like to give priority and full bandwidth to AFP (548)
> then
> to web and then the rest.
>
> Is this possible?
>
> Any help is greatly appreciated.
>
> Thanks
> -
> To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional
> commands, e-mail: support-h...@pfsense.com
>
> Commercial support available - https://portal.pfsense.org
>
>
> -
> To unsubscribe, e-mail: support-unsubscr...@pfsense.com
> For additional commands, e-mail: support-h...@pfsense.com
>
> Commercial support available - https://portal.pfsense.org
>
>
>
>
> --
> Isamar Maia
> Cel. VIVO SSA:  (55) 71-9146-8575
> Cel. TIM SSA: (55) 71-9185-5264
> Fixo:  (55) 71-4062-8688
> 日本: +81-(0)3-4550-1212
> Skype ID: isamar.maia  
>



-- 
Isamar Maia
Cel. VIVO SSA:  (55) 71-9146-8575
Cel. TIM SSA: (55) 71-9185-5264
Fixo:  (55) 71-4062-8688
日本: +81-(0)3-4550-1212
Skype ID: isamar.maia

Re: [pfSense Support] Subnets in same NIC

[Chris Buechler]

On Tue, Aug 30, 2011 at 8:39 PM, Ivanildo Galvão - IT Services <
ivani...@itservices.com.br> wrote:

> Yeah, I know it works with VLAN, but wanted to implement something simpler,
> the problem is that the customer had this scenario before working with
> Proxywith Linux and pfSense he wants to have the same solution, on Linux
> it had asingle NIC which was subdivided into 03 virtual eth, eth each
> subnet representsa ranger, according to the MAC filter stations put Linux on
> their respective networks.
>
> I downloaded the version of pfSense RC3 today, here in VMware
> Workstationinstalled to see if I can find some option, but so far I see
> nothing that addressesthis need.
>

That's what IP alias virtual IPs are for. It's generally not a good practice
to do so as having multiple subnets on a single broadcast domain is ugly,
largely pointless, and considered poor network design, but you can.

RES: [pfSense Support] Subnets in same NIC

[Ivanildo Galvão - IT Services]

Yeah, I know it works with VLAN, but wanted to implement something simpler, the 
problem is that the customer had this scenario before working with Proxywith 
Linux and pfSense he wants to have the same solution, on Linux it had asingle 
NIC which was subdivided into 03 virtual eth, eth each subnet representsa 
ranger, according to the MAC filter stations put Linux on their respective 
networks.

I downloaded the version of pfSense RC3 today, here in VMware 
Workstationinstalled to see if I can find some option, but so far I see nothing 
that addressesthis need.

 

 

Ivanildo Galvão - MCP, MCT, MCSA, VSP

Consultor de Tecnologia

Tel. (84) 3201 2146 | Cel. (84) 9111 8873

  ivani...@itservices.com.br|  
 www.itservices.com.br 

Twitter: @ivanildogalvao 

  

 

 

 

 

 

De: Isamar Maia [mailto:isa...@gmail.com] 
Enviada em: terça-feira, 30 de agosto de 2011 21:30
Para: support@pfsense.com
Assunto: Re: [pfSense Support] Subnets in same NIC

 


If your switch 3com is a managed one, maybe you can try to setup VLANs
in the switch and inside your PFsense box settings.

It's not so simple to do but it seems to be a cleaner solution.


Isamar



2011/8/30 Ivanildo Galvão - IT Services 


Guys, need to make a single LAN network card, plugged into a switch 3com, IP
delivery for different grinding machines that may connect to the network,
for example:

Computers on the internal network, get the IP subnet 192.168.0.0/24
Computers visitors entering the network, get the IP subnet 192.168.1.0/24

Is there any way to do this? It would be a MAC address?

This works beautifully in another proxy that the client had was a Linux
Ubuntu, he had an eth0-1 / eth0-2 / eth0-3, Linux was sending the IP address
according to the MAC table, that the same eth0, he could perceive only the
virtual interface eth0 (192.168.0.0/24 = 1, 2 - 192.168.1.0/24, 3 -
192.168.2.0/24)

The pfSense is virtualized, I tried using two NICs connected to the same
vm_network, each virtual NIC with DHCP, put each IP address tied to the mac
due, but sometimes the machines come in a network, sometimes on another
network, I need a solution urgent for a client.

I appreciate everyone's help!


Ivanildo Galvão - MCP, MCT, MCSA, VSP
Consultor de Tecnologia
Tel. (84) 3201 2146   | Cel. (84) 
9111 8873  
ivani...@itservices.com.br| www.itservices.com.br
Twitter: @ivanildogalvao






-Mensagem original-
De: Nicolas Roussi [mailto:nicolas.rou...@archimedean.org]
Enviada em: terça-feira, 30 de agosto de 2011 19:38
Para: support@pfsense.com
Assunto: [pfSense Support] Traffic Shaper ?

Hi, i am running 1.2.3 and I need some ideas on how to limit and prioritize
traffic This is the setup

internet <---10Mbps--->MainFirewall
(NAT)<---1000Mbps--->pfSense(NAT)<1000Mbps--->1600 wireless clients
   |
   |
servers

Besides the double NATing, first I would like to make sure that traffic that
goes to the Internet only uses 2MBps.
Second, I would like to block everything except 80,443,548, 25 and a few
other services (I can do that in the firewall settings) Third, from those
services, I would like to give priority and full bandwidth to AFP (548) then
to web and then the rest.

Is this possible?

Any help is greatly appreciated.

Thanks
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional
commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org


-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org




-- 
Isamar Maia
Cel. VIVO SSA:  (55) 71-9146-8575
Cel. TIM SSA: (55) 71-9185-5264
Fixo:  (55) 71-4062-8688
日本: +81-(0)3-4550-1212
Skype ID: isamar.maia  

<>

Re: [pfSense Support] Subnets in same NIC

[Isamar Maia]

If your switch 3com is a managed one, maybe you can try to setup VLANs
in the switch and inside your PFsense box settings.

It's not so simple to do but it seems to be a cleaner solution.


Isamar


2011/8/30 Ivanildo Galvão - IT Services 

>
> Guys, need to make a single LAN network card, plugged into a switch 3com,
> IP
> delivery for different grinding machines that may connect to the network,
> for example:
>
> Computers on the internal network, get the IP subnet 192.168.0.0/24
> Computers visitors entering the network, get the IP subnet 192.168.1.0/24
>
> Is there any way to do this? It would be a MAC address?
>
> This works beautifully in another proxy that the client had was a Linux
> Ubuntu, he had an eth0-1 / eth0-2 / eth0-3, Linux was sending the IP
> address
> according to the MAC table, that the same eth0, he could perceive only the
> virtual interface eth0 (192.168.0.0/24 = 1, 2 - 192.168.1.0/24, 3 -
> 192.168.2.0/24)
>
> The pfSense is virtualized, I tried using two NICs connected to the same
> vm_network, each virtual NIC with DHCP, put each IP address tied to the mac
> due, but sometimes the machines come in a network, sometimes on another
> network, I need a solution urgent for a client.
>
> I appreciate everyone's help!
>
>
> Ivanildo Galvão - MCP, MCT, MCSA, VSP
> Consultor de Tecnologia
> Tel. (84) 3201 2146 | Cel. (84) 9111 8873
> ivani...@itservices.com.br| www.itservices.com.br
> Twitter: @ivanildogalvao
>
>
>
>
>
>
> -Mensagem original-
> De: Nicolas Roussi [mailto:nicolas.rou...@archimedean.org]
> Enviada em: terça-feira, 30 de agosto de 2011 19:38
> Para: support@pfsense.com
> Assunto: [pfSense Support] Traffic Shaper ?
>
> Hi, i am running 1.2.3 and I need some ideas on how to limit and prioritize
> traffic This is the setup
>
> internet <---10Mbps--->MainFirewall
> (NAT)<---1000Mbps--->pfSense(NAT)<1000Mbps--->1600 wireless clients
>|
>|
> servers
>
> Besides the double NATing, first I would like to make sure that traffic
> that
> goes to the Internet only uses 2MBps.
> Second, I would like to block everything except 80,443,548, 25 and a few
> other services (I can do that in the firewall settings) Third, from those
> services, I would like to give priority and full bandwidth to AFP (548)
> then
> to web and then the rest.
>
> Is this possible?
>
> Any help is greatly appreciated.
>
> Thanks
> -
> To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional
> commands, e-mail: support-h...@pfsense.com
>
> Commercial support available - https://portal.pfsense.org
>
>
> -
> To unsubscribe, e-mail: support-unsubscr...@pfsense.com
> For additional commands, e-mail: support-h...@pfsense.com
>
> Commercial support available - https://portal.pfsense.org
>
>


-- 
Isamar Maia
Cel. VIVO SSA:  (55) 71-9146-8575
Cel. TIM SSA: (55) 71-9185-5264
Fixo:  (55) 71-4062-8688
日本: +81-(0)3-4550-1212
Skype ID: isamar.maia

[pfSense Support] Success Story

[Nathan Eisenberg]

It seems like there are always questions and/or complaints on this list, so I 
just wanted to share a success story.

We just returned (this weekend) from running the PC gaming network at Penny 
Arcade eXpo's west coast event.  This is a rather high profile event attended 
by 60,000+ people, with the PC gaming room being divided into two sections - PC 
Freeplay, with Intel powered machines donated by Intel themselves, and BYOC, 
which is more like a regular LAN party where people bring their own rigs.  They 
both share a common internal network (/22) so that they can play games with 
eachother.

One of the major issues this event has always faced is bandwidth.  The 
convention center's bandwidth is extraordinarily expensive, so the event is 
only able to afford a 45Mbps connection (for 500-600 gaming PC's).  This 
connection has to support regular web browsing, email, IM, etc, as well as game 
traffic AND game patch traffic (ala Steam and Battle.NET).  Further 
complicating matters, at some points, there are also video streams and 
tournaments with real money riding on them, which have to run smoothly.

Up till now, this has always been accomplished with traffic shaper rules, but 
these are complex, and difficult to explain to others.  They're also not easy 
to adjust in an adhoc manner.  This year, we tried out the bandwidth limiter 
feature, and basically created different buckets for the protocols and ports we 
wanted to allow.  This made it extremely easy to make sure that there was 
ALWAYS bandwidth available for the PC attached to a projector showing a video 
stream, and that the people playing in the Starcraft 2 tournament had enough 
bandwidth to log on.  It was easy to tweak and adjust as the demands evolved.

So, to whoever built that feature- THANK YOU!

My one bit of feedback: The 'Limiter Info' page is currently *very* hard to 
decipher.  It would be quite nice if there was a readily available breakdown 
(maybe in graph form, too?) of the different limiters and their utilization.

But again, thank you.  This, and the layer-7 rules, rock!

Pics (apologies for the shameless plug - it's the only location that I have 
them available at):
http://www.facebook.com/media/set/?set=a.10150348477738933.398042.102500853932

PS - you can't see it due to the contrast, but on the picture with the rack and 
monitor, that monitor was showing the realtime bandwidth utilization (the SVG 
graph thingy), and people seemed to think that was pretty neat!
PPS - Oh, here's one where you CAN see it, kinda: 
http://hphotos-snc7.fbcdn.net/322411_10150348722388933_102500853932_9609136_7921564_o.jpg

Best Regards,
Nathan Eisenberg



-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

[pfSense Support] Subnets in same NIC

[Ivanildo Galvão - IT Services]

Guys, need to make a single LAN network card, plugged into a switch 3com, IP
delivery for different grinding machines that may connect to the network,
for example:

Computers on the internal network, get the IP subnet 192.168.0.0/24
Computers visitors entering the network, get the IP subnet 192.168.1.0/24

Is there any way to do this? It would be a MAC address?

This works beautifully in another proxy that the client had was a Linux
Ubuntu, he had an eth0-1 / eth0-2 / eth0-3, Linux was sending the IP address
according to the MAC table, that the same eth0, he could perceive only the
virtual interface eth0 (192.168.0.0/24 = 1, 2 - 192.168.1.0/24, 3 -
192.168.2.0/24)

The pfSense is virtualized, I tried using two NICs connected to the same
vm_network, each virtual NIC with DHCP, put each IP address tied to the mac
due, but sometimes the machines come in a network, sometimes on another
network, I need a solution urgent for a client.

I appreciate everyone's help!


Ivanildo Galvão - MCP, MCT, MCSA, VSP
Consultor de Tecnologia
Tel. (84) 3201 2146 | Cel. (84) 9111 8873
ivani...@itservices.com.br| www.itservices.com.br 
Twitter: @ivanildogalvao 
  





-Mensagem original-
De: Nicolas Roussi [mailto:nicolas.rou...@archimedean.org] 
Enviada em: terça-feira, 30 de agosto de 2011 19:38
Para: support@pfsense.com
Assunto: [pfSense Support] Traffic Shaper ?

Hi, i am running 1.2.3 and I need some ideas on how to limit and prioritize
traffic This is the setup

internet <---10Mbps--->MainFirewall
(NAT)<---1000Mbps--->pfSense(NAT)<1000Mbps--->1600 wireless clients
|
|
 servers

Besides the double NATing, first I would like to make sure that traffic that
goes to the Internet only uses 2MBps. 
Second, I would like to block everything except 80,443,548, 25 and a few
other services (I can do that in the firewall settings) Third, from those
services, I would like to give priority and full bandwidth to AFP (548) then
to web and then the rest.

Is this possible? 

Any help is greatly appreciated.

Thanks
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional
commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org


-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

[pfSense Support] Traffic Shaper ?

[Nicolas Roussi]

Hi, i am running 1.2.3 and I need some ideas on how to limit and prioritize 
traffic
This is the setup

internet <---10Mbps--->MainFirewall 
(NAT)<---1000Mbps--->pfSense(NAT)<1000Mbps--->1600 wireless clients
|
|
 servers

Besides the double NATing, first I would like to make sure that traffic that 
goes to the Internet only uses 2MBps. 
Second, I would like to block everything except 80,443,548, 25 and a few other 
services (I can do that in the firewall settings)
Third, from those services, I would like to give priority and full bandwidth to 
AFP (548) then to web and then the rest.

Is this possible? 

Any help is greatly appreciated.

Thanks
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Re: [pfSense Support] limit bandwidth hosts

[jorhardware]

Pfsense 2.0 RC3

is to teach the steps, if possible to print the screen?

att.

2011/8/30 dmoz :
> which version of pfsense are you using ?
> It's preety simple in pfsense v 2.0
>
> On Tue, Aug 30, 2011 at 5:42 AM, jorhardware  wrote:
>>
>> Hello, I'm finding it difficult to limit the bandwidth to host a
>> network fied, could someone help me?
>>
>>  searched on google and found no solution.
>>
>>  example:
>>
>>  192.168.10.0/24 network each host 100kb / s, any tips?
>>
>>  att.
>>
>> --
>> Juliano Oliveira
>> Rio de Janeiro, Brasil
>>
>> -
>> To unsubscribe, e-mail: support-unsubscr...@pfsense.com
>> For additional commands, e-mail: support-h...@pfsense.com
>>
>> Commercial support available - https://portal.pfsense.org
>>
>
>



-- 
Juliano

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Re: [pfSense Support] limit bandwidth hosts

[dmoz]

which version of pfsense are you using ?
It's preety simple in pfsense v 2.0

On Tue, Aug 30, 2011 at 5:42 AM, jorhardware  wrote:

> Hello, I'm finding it difficult to limit the bandwidth to host a
> network fied, could someone help me?
>
>  searched on google and found no solution.
>
>  example:
>
>  192.168.10.0/24 network each host 100kb / s, any tips?
>
>  att.
>
> --
> Juliano Oliveira
> Rio de Janeiro, Brasil
>
> -
> To unsubscribe, e-mail: support-unsubscr...@pfsense.com
> For additional commands, e-mail: support-h...@pfsense.com
>
> Commercial support available - https://portal.pfsense.org
>
>

[pfSense Support] Re: fx5624 pfsense install - FIXED

[Nick Upson]

in addition, when setting up a second one as a spare, I found it necessary
to override the default disk partition, making / 7G and /usr the balance of
the disk

On 3 August 2011 14:34, Nick Upson  wrote:

> Hi everyone,
>
> I have finally got 1.2.3 installed onto this box, things that seems to help
> fix it (I cannot go back and exhaustively test, this needs to go into
> production asap)
>
> - disable packet mode during the install
>
> - format the new hard disk on a windows machine first
>
> - that got me to a mountroot> prompt which I hadn't seen before, I then
> used information from
> http://forum.pfsense.org/index.php?topic=22824.0;wap2
> which allowed me to enter "ufs:ad1s1a" (Note slight change) and
> "Once it is running edit (either through the UI or through the shell)
> /boot/loader.conf and add the line:
>vfs.root.mountfrom="ufs:ad1s1a""
>
>
>
> --
> Nick Upson (01799 533252)
>
>


-- 
Nick Upson (01799 533252)

RE: [pfSense Support] redirect URL

[Jochem de Waal]

Hi Nick,

 

Check this forum discussion:
http://forum.pfsense.org/index.php?topic=1926.0

 

Cheers,

 

Jochem

 

Van: Nick Upson [mailto:n...@telensa.com] 
Verzonden: dinsdag 30 augustus 2011 12:49
Aan: support pfsense
Onderwerp: [pfSense Support] redirect URL

 

Hi,

I'm running 1.2.3, is there any way I can redirect incoming traffic on
the same WAN interface based on URL to different servers. 
currently I do this using a seperate machine which runs a squid reverse
proxy. All port 80 traffic is directed to that server and then
redirected.
I would rather do this in the firewall if possible. 

-- 
Nick Upson (01799 533252)

[pfSense Support] redirect URL

[Nick Upson]

Hi,

I'm running 1.2.3, is there any way I can redirect incoming traffic on the
same WAN interface based on URL to different servers.
currently I do this using a seperate machine which runs a squid reverse
proxy. All port 80 traffic is directed to that server and then redirected.
I would rather do this in the firewall if possible.

-- 
Nick Upson (01799 533252)