Re: [pfSense] Aggregated WAN traffic

2016-05-10 Thread Juan Bernhard 


El 10/05/2016 a las 10:58 a.m., Vick Khera escribió:

On Tue, May 10, 2016 at 9:45 AM, Randy Morgan  wrote:


Having said that there is some question in my mind as to how this actually
works.  Some of what I read indicates that the aggregation actually causes
the LAGG port to, effectively, operate on QOS functionality, meaning that
it cycles between the two links based on available bandwidth.



From my understanding, a single connection will not use both links, but
multiple connections will be load balanced among them. Thus, don't expect a
single file download to be able to use all 20Mbps of the bandwidth.


Right. LACC is for ethernet connections. If you have two gigabit 
ethernet cards in a single switch, you can "add" them in a balanced and 
fault tolerant mode. That is, you can use 2 gigabits ports of your 
pfsense as one port of 2 gigabit IN YOUR LOCAL network, and if you 
disconnect one of the two ethernet cables, it still works, but at 1gbps.
If you want to add two internet connections "in the same way" you can't 
do it with a home ISP, you will need to route your internet connections 
with BGP (as the way ISP and big corporate networks join internet). And 
thats VERY complicated and expensive (and yes, pfsense can route BGP).
What you can do, is to do some balance on the internet connection, some 
will enter by one uplink or the other one, never by the 2 uplinks at the 
same time.


Saludos, Juan.
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

[pfSense] [SOLVED] DHCP Relay attaching to wrong interface

2015-07-30 Thread Juan Bernhard 


El 30/07/2015 a las 03:39 a.m., Chris Buechler escribió:

On Sat, Jul 25, 2015 at 8:06 AM, Juan Bernhard j...@inti.gob.ar wrote:

Hi list, first I want to congratulates all pfsense developoers for this
magnificent piece of software.

I think I found a simple bug:
I configuring a pfsense in a single server to replace a cisco 2821 and an
asa 5520, and at the moment almost everithing is working great.
But... I'm having troubles with the dhcp relay. I have a 2 real inteface
configurations, one on the internet side and the other in de inside, with 8
vlan in there. I cofigured dhcp relay to listen to some vlan interfaces, but
it also attaches to the lan interface (the one with out vlan tag), having 2
dhcp responding server on the same collision domain.



At some point ages ago, if you didn't specify the interface where the
target server resides in the list, it wouldn't work. Has nothing to do
with it being a VLAN parent, that's just where your target DHCP server
resides or is reachable. That no longer appears to be necessary. It
won't relay requests out the same interface they came in on, so it
should have no functional difference. Regardless, shouldn't be
specified now.

Ticket, and commit that removes it.
https://redmine.pfsense.org/issues/4908
https://github.com/pfsense/pfsense/commit/97613114b5b74c334609d7fcd79c94741b111793

If you could help verify, please replace your /etc/inc/services.inc
file with this:
https://raw.githubusercontent.com/pfsense/pfsense/RELENG_2_2/etc/inc/services.inc

Then just click Save under ServicesDHCP Relay.

I have tested it in VLAN and non-VLAN circumstances, and it works.
Additional confirmation appreciated.


This solved the problem! Thanks a lot for the help!

And again,from a freebsd fan, great work on pfsense.

Saludos, Juan.
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] DHCP Relay attaching to wrong interface

2015-07-29 Thread Juan Bernhard 


El 27/07/2015 a las 08:07 p.m., Juan Pablo escribió:

hola Juan!
dont know if you solved this, what you trying to achieve here? what's
your wan interface IP doing there? =)
can you provide more info, maybe an idea of the topology?

bye,
me


hola juan pablo! Sorry for the delay, I had a bad week...
I didnt solve this problem, I just let the relay to work along the dhcp 
server, this is not a problem (dhcp protocol is ment to work with 
several servers in the same net... I think)

this is the topology:
one interface for the internet traffic, the other one connected inside 
to a really big net. 1500 host, 30 servers...


on the bce0 is connected the internet fiber.

the bce1 has 3 public class C networks (thats the ip you see inside, 
thats not my wan ip address, is the public ip address of dns and dhcp 
server). there are a lot of vlans connected to this interface (through 
vlan tag) and each vlan needs to have a dhcp relay on it.
The idea is to relay each vlan, but not the default vlan (the dhcp 
server is connected to this one)


I will try to recreate this problem creating a vlan and try to attach 
the dhcp relay only to this one, and not to the parent interface.

Ill tell you latter if i succeed.


Saludos!



2015-07-25 10:06 GMT-03:00 Juan Bernhard j...@inti.gob.ar:

Hi list, first I want to congratulates all pfsense developoers for this
magnificent piece of software.

I think I found a simple bug:
I configuring a pfsense in a single server to replace a cisco 2821 and an
asa 5520, and at the moment almost everithing is working great.
But... I'm having troubles with the dhcp relay. I have a 2 real inteface
configurations, one on the internet side and the other in de inside, with 8
vlan in there. I cofigured dhcp relay to listen to some vlan interfaces, but
it also attaches to the lan interface (the one with out vlan tag), having 2
dhcp responding server on the same collision domain.

In shell I can see that dhcrelay in up and has the command is wrong:
[2.2.3-RELEASE][r...@inti1.inti.gob.ar]/root: ps auxww | grep dhc
root30087   0.0  0.1  20184  9820  -  Ss9:34AM  0:00.05
/usr/local/sbin/dhcrelay -i bce1_vlan3 -i bce1_vlan10 -i bce1_vlan20 -i
bce1_vlan33 -i bce1_vlan51 -i bce1 -a -m replace 200.10.161.34

it hould not say -i bce this interface (lan) is not selected in the dhcp
relay web configration.



Saludos, Juan.
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold


___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

[pfSense] DHCP Relay attaching to wrong interface

2015-07-25 Thread Juan Bernhard 
Hi list, first I want to congratulates all pfsense developoers for this 
magnificent piece of software.


I think I found a simple bug:
I configuring a pfsense in a single server to replace a cisco 2821 and 
an asa 5520, and at the moment almost everithing is working great.
But... I'm having troubles with the dhcp relay. I have a 2 real inteface 
configurations, one on the internet side and the other in de inside, 
with 8 vlan in there. I cofigured dhcp relay to listen to some vlan 
interfaces, but it also attaches to the lan interface (the one with out 
vlan tag), having 2 dhcp responding server on the same collision domain.


In shell I can see that dhcrelay in up and has the command is wrong:
[2.2.3-RELEASE][r...@inti1.inti.gob.ar]/root: ps auxww | grep dhc
root30087   0.0  0.1  20184  9820  -  Ss9:34AM  0:00.05 
/usr/local/sbin/dhcrelay -i bce1_vlan3 -i bce1_vlan10 -i bce1_vlan20 -i 
bce1_vlan33 -i bce1_vlan51 -i bce1 -a -m replace 200.10.161.34


it hould not say -i bce this interface (lan) is not selected in the 
dhcp relay web configration.




Saludos, Juan.
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold