On 5-9-2013 13:09, Asim Ahmed Khan wrote:
> Hi,
>
> Let me first briefly explain my setup. I have redundant internet links
> from two ISPs. Before pfsense, I was using two gateway boxes, one for
> each internet link. Each box is CentOS, with Shorewall + Squid. I have
> certain rules imposed on each box. Each box has two NICs, one for public
> IP from is, and one for LAN.
>
> Now to implement failover and a few other things, I set up a pfsense box.
> Now the network is like:
>
> Both gateway boxes' public interfaces have been reconfigured on a different
> subnet which is being shared by pfsense's local NIC, i.e. both old
> gateways get internet from pfsense instead of the ISPs.
>
> Now what I need to do (or at least know if possible) is to be able to
> see who from my LAN is consuming the most bandwidth. pfsense provides
> "bandwidthd" for that. But the problem is, pfsense only sees the two
> clients connecting to it, and those are the public interfaces of the gateway
> boxes. So I can't get the real picture. Is there any way pfsense can see
> who actually is sending requests to pfsense through the public interface of
> a gateway?

Maybe I'm mistaken here, but the shorewall devices are behind your pfSense firewall and they perform NAT making only those 2 addresses visible. If that is the case you need to set up static routes on pfSense and drop the NAT on the gateway boxes.

I'm not understanding too well why you don't put everything into one box, or maybe add carp for failover. This seems very convoluted.

Regards,
Seth
