Implement Load-Balancing and Fail-Over Improve the performance of your workstations and network What: Lag-Less Computer Shop using PFSense Workshop How many total vlans/networks do you have and how many interface available on pfsense? How many ports open on your switch? You could use different uplink for each network/vlan from the switch to pfsense to remove any hairpin traffic between vlans.All I-Cafe Owners, this seminar is for you. This might mean some hairpin traffic for some intervlan traffic but has the added benefit of allow for easy firewall rules between your network segments. This will remove the possibility of any asymmetrical routing conditions.Įdit: another way to do it would be remove the 元 doing the routing and just route all your segments at pfsense via either more interfaces and untagged uplinks from your switch or via vlans. That will remove your asymmetrical routing problem.īut the long term fix would be to connect pfsense to your 元 via a transit network that no hosts are on. What you need to do since the clients are using a print server is on the print server create a route statement that says if it wants to talk to 10.1.0/24 to use the 元 svi in the 10.0.0/23 network - ie that 10.0.0.43 IP. Yeah your going to have asymmetrical routing problem for sure in such a setup.
Now your client(s) in this vlan off your 元 would use the SVI of the 元 as their gateway.
Pfsense would be the default route for your 元, and pfsense would have a route for downstream networks on the 元 pointing to the 元 IP in the transit network. Where you have a transit network that connects pfsense to your 元. How a 元 switch would normally be setup would be with transit that has no hosts on it. If your going to run in such a setup where you have hosts on what should be your transit then you need to do host routing. But you would have a problem when tryinig to go to the internet. And if your client is pointing to the 元 as its gateway then pfsense would have ZERO to do with your client talking to your printer. You have a computer on vlan 1 what is its gateway? Pfsense or the 元 switch SVI on vlan 1? If your pointing it to the SVI on the switch there would not be asymmetrical when talking to the printer vlan. You clearly could have asymmetrical routing problem in your shown config. That drawing is not using a downstream router.
0 kommentar(er)
