On Fri, 2014-06-13 at 18:13 +0100, Brian Candler wrote: > On 12/06/2014 23:06, Jon Gerdes wrote: > > My new ISP only provides a /29 from which WAN always gets the first one > > via PPPoE. > > > > I put the second address from the /29 onto an interface and the > > remaining four onto my externally facing systems. > You should be able to use the same IP address for both WAN and LAN > (Cisco calls this 'unnumbered': your PPP interface is using the IP > address from another interface) > > 192.0.2.1 = WAN interface of firewall > > 192.0.2.1/29 = LAN interface of firewall > 192.0.2.2..6 = other devices > > This saves the provider burning a /32 for the WAN (or even a /30 > point-to-point subnet, old skool) > > Regards, > > Brian.
Brian Thanks for giving me the technical term and after some Googling, several systems support unnumbered interfaces but it seems not pfSense out of the box, unless I am missing something. I can't see a way of getting WAN to come up without an address and setting LAN as in your example does not work - you get the quite reasonable error "address in use". I am pretty happy with losing one address to get this working but I might submit a feature request for this unless someone can point me into how to do it. Even OpenWRT can do this: http://patchwork.openwrt.org/patch/4181/ (good description, links and code there) Cheers Jon _______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
