Single Interface, multiple WAN gateways

Started by toe, February 15, 2024, 06:33:00 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 15, 2024, 06:33:00 PM
In my home setup, I have three Internet connections, but I'm tight on interfaces on my opnsense hardware, so I want to cover all three with one interface (re0, 192.168.178.3). Currently, I only use IPv4, but intend to change that at some point in the future. But future IPv6 should be irrelevant to this topic.

My Internet connections and gateways are:

  • Cable (1Gbit/s down, 50Mbit/s up): GW vodafone_kabel, 192.168.178.179
  • DSL (100Mbit/s down, 40Mbit/s up): GW ewe_dsl, 192.168.178.22
  • LTE (whatever cheap SIM card I currently got my hands on): GW teltonika, 192.168.178.14

Intuitively, I would add static routes through all 3 gateways and try to control traffic flow with metrics. But that's probably too simplistic. And didn't work either. The static routes get ignored, unless I do some workarounds like 0.0.0.0/1, 128.0.0.0/1 instead of actual default routes.

If I manually add routes on the CLI with route add default ..., it complains about the routes already existing, even though the routing table doesn't show them with netstat -4rn.

I could also turn re0 into a trunk, add dedicated VLANs for each of my three Internet uplinks and start treating them as individual interfaces on the opnsense side. But that seems to be overly complicated.

I've probably created a setup that is unintended from opnsense (or FreeBSD?) side, but from a pure networking perspective it makes sense to me to have a single Internet-facing... interface on the opnsense, then have three different WAN devices each with its own IP in the same network.

Any ideas where to continue troubleshooting?
February 17, 2024, 04:57:56 PM #1
Using VLANs would be a much cleaner approach, but creating three gateways on the same interface should work, too. At least for the time being - this is going to be a nightmare when using dynamic interface configuration (DHCPv4/v6, SLAAC).

This isn't fundamentally different from three separate WAN interfaces, so you might want to read the docs about multi WAN, gateway groups and policy based routing first.
Static routes are not the way to go here. Multiple default routes are not supported in OPNsense since it only uses a single routing table (not multiple FIBs like on some other systems).

Cheers
Maurice
OPNsense virtual machine images
OPNsense aarch64 firmware repository

Commercial support & engineering available. PM for details (en / de).
Print
Go Up Pages1
User actions