On Thu, 2014-06-12 at 23:23 +0100, Chris Bagnall wrote:
> On 12/6/14 11:06 pm, Jon Gerdes wrote:
> > As far as I can tell, the only downside is I lose another address to act
> > as the gateway.
> > Can anyone spot any flaws with this method or is it a general practice?
>
> Certainly assigning the first IP in a /29 to the PPPoE client is fairly
> standard practice in the UK (which I see you are). My $dayjob is an ISP
> and assigning the first IP to the PPPo{A|E} client is our normal config
> for anything from a /30 down to a /27.Being on the receiving end of many ISPs that does seem to be standard practice apart from AAISP and TalkTalk Business (except when the wind changes direction and EFM is involved!) > > I put the second address from the /29 onto an interface and the > > remaining four onto my externally facing systems. > > I believe (though haven't tried it in anger with the post-2.0 pfSense > versions - I recall doing it years ago with a 1.2.x version) you can use > an OPT interface for your WAN (instead of the default WAN interface), > then bridge LAN and OPT1, thus only 'losing' one of your IPs to the > firewall rather than two. I like the sound of that - I now recall reading about that technique ages ago but had forgotten about it. I can still play before committing to the final config. > (it's nice to be able to use a true /29 range if you can, but with RIPE > IPv4 allocations as tight as they are these days, hang onto yours for > dear life :-) ) Many ISPs are still doling them out like sweeties for a few quid one off fee. It's not sustainable. Thanks for the quick response. Cheers Jon Blueloop Ltd Jon Gerdes | Senior Consultant Blueloop House Ilchester Road Yeovil Somerset BA21 3AA Tel: 01460271055 Web: www.blueloop.net Registered Address : Blueloop House, Ilchester Road, YEOVIL, BA21 3AA Registered England & Wales - 3981322 CONFIDENTIAL INFORMATION This e-mail and any files attached with it are confidential and for the sole use of the intended recipient(s). If you are not the intended recipient(s) you are prohibited from using, copying or distributing this or any information contained in it and should immediately notify the sender and delete the message from your system. Internet communications are not secure and Blueloop Limited is not responsible for unauthorised use by third parties nor for alteration or corruption in transmission. Furthermore, while Blueloop Limited have taken reasonable precautions to minimise the risk of software viruses, it cannot accept liability for any damage which you may suffer as a result of such viruses, and we therefore recommend you carry out your own virus checks on receipt of any e-mail. _______________________________________________ List mailing list [email protected] https://lists.pfsense.org/mailman/listinfo/list
