OPNsense Forum

English Forums => General Discussion => Topic started by: dcol on November 16, 2017, 10:31:17 pm

Title: One WAN Multiple IP's
Post by: dcol on November 16, 2017, 10:31:17 pm

In an environment with one gateway and 4 WAN public IP's, from a performance aspect, would it be better to use virtual IP's and NAT to each server on it's own interface. Or one LAN interface using NAT 1:1 directing each public IP to a server.

Title: Re: One WAN Multiple IP's
Post by: bartjsmit on November 17, 2017, 08:25:17 am

Hi dcol, I am a great fan of 1:1 NAT if you have multiple public IP addresses. It has the least negative effect on higher layers of the stack and therefore the widest compatibility.

Bart...

Title: Re: One WAN Multiple IP's
Post by: dcol on November 17, 2017, 03:36:44 pm

Thanks Bart, I am also a fan of NAT but my question is more about using a single interface vs multiple interfaces. Both use NAT. Using multiple interface with virtual IP's may invoke more layers, but also benefit from bandwidth separation with the multiple interfaces. Also the configuration is more complex.

I see the advantage with one interface too. simple NAT 1:1 using the ISP assigned IP's to the respective servers on the same subnet as the LAN. This has benefits with IDS only having to administer one internal interface. And the reduced failure points of multiple NIC's. But is this sacrificing performance? That's the question here.