we have done many a /22 using pfsense with ease - even running bgp.
Reason I suggest maybe having them stay on pfsense in this case is - if they are asking this question - they might be completely lost in Cisco Land. I have recently moved to using vyatta first - their paid product is great - opensource lacks support imho I agree w/ you if you have the experience however ;-) using cisco or something similar On Oct 4, 2010, at 7:33 PM, Nathan Eisenberg wrote: >> -----Original Message----- >> From: David Burgess [mailto:apt....@gmail.com] >> Sent: Monday, October 04, 2010 4:23 PM >> To: support@pfsense.com >> Subject: Re: [pfSense Support] How do I break down a /22 into smaller >> subnets to use behind(LAN) side of my pfsense box >> >> On Mon, Oct 4, 2010 at 5:19 PM, Chris Flugstad <ch...@cascadelink.com> >> wrote: >> >>> -how to i break up the large block into smaller blocks >> >> Like this? >> >> http://www.vlsm-calc.net/ >> >> db > > It depends on how it's delivered to you, but typically, your provider will > allocate a /30 to use for the route between them and your WAN interface, and > then route (via static routes or a dynamic routing protocol) the /22 to your > box. You can then create the various VLAN and physical interfaces for the > internal network and assign the smaller blocks to each interface. > > So, in short, your first step is likely going to be 'talk to your transit > provider' to get a /30 setup. > > To be honest, I wouldn't use a pfsense box to sit in front of a /22 though. > I'd use a Cisco router, and then slice up the first /26 or /27 into some > reserved space for /30's. Then you can use the /30's to route your various > subnets to multiple PFsense boxes as needed. > > By the way, it would be awesome if PFsense supported RFC 3021 and implement > /31 support... could be twice as efficient with routing networks. > > Best Regards, > Nathan Eisenberg > Atlas Networks | Sr. Systems Administrator > office: 206.577.3078 | www.atlasnetworks.us --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
