Multi ISP – PFSense Setup

Published on May 6, 2022 at 8:57 pm by LEW

PD Sense LogoIntroduction

In this series I embark on the challenge of building a PFSense based router/firewall for load balancing between two ISP’s. It is something I have been putting off for a while, but at this point the need is outweighing other projects that I am working on. Besides my other big project involves some minor construction, which is impractical at the moment.

The big question is why would anyone build  thier own router? After all I got one from my ISP. There are a few reasons for doing this; I do not have full administrative access to the router provided by my ISP, I want to run a VPN for my entire network, I want to run a caching DNS server on my network, and I want to be able to load share between my current ISP and my previous ISP (read this post) in a more eloquent way.

Disclaimer

I may mention several products and ISP’s by name. I don’t think it can really avoided in this type of post. Please be advised that this post does not in any way constitute endorsement of any products or services mentioned. They just happen to be what I am using at the moment.

Hardware

To begin, this is the hardware I am currently using in my network, along with the hardware I am planing to add.

Huawei B535-932 4G LTE+ Cellular modem. This modem is used with Globe At Home Prepaid Wifi, and is setup with the Globe interface. It consists of a cellular modem, 5 GHZ and 2.4 Ghz wireless access points (AP), router/firewall, and four port switch. For this project I will be disabling DHCP. I am still thinking about whether to disable the AP or not.

Huawei EG8145V5 fiber modem. Same as above except it uses fiber instead of Cellular. Same logic that applies to the cellular modem applies here. The only difference is the fiber modem will be primary.

Two Modems, Fiber and Cellular
5th Generation Intel NUC computer. This will be the hardware that I install PFSense on. It has a hood giving it two network jacks. I will be using a USB to Ethernet adapter for the third network jack.

5th Generation NUCTargeted Setup

Technically there should be three separate network segments. One being the private LAN. Each modem will technically have to have its own segment also. See the below illustration. Note clause assigned are arbitrary at this point, and are primarily for working through the design.

Network Segments Concept
The IP address assigned by the ISP is not really relevant at this point. Each modem will need to be assigned to the first address of its particular local private segment. In our example the fiber modem is at 192.168.100.1, and the cellular modem is at 192.168.254.1.

I will want to assign static IP addresses for the two network adapters in the hood of the NUC (the built in one and the USB to Ethernet adapter). Note that both of these are technically Ethernet to USB. The Ethernet adapter on the body of the NUC will be assigned to the first address of our local network (it is gigabit Ethernet).

How the network adapters get set up in PFSense is yet to be determined. My basic plan is as follows;

  1. Get PFSense ruining on the NUC
  2. Setup the LAN interface in PFSense
  3. Setup the Fiber modem interface in PFSense and validate internet access
  4. Setup the network interface for the cellular modem, and verify internet access
  5. Set up load balancing between the two modems in PFSense.

Conclusion

This is the plan, so far, that I intend to implement. Since this particular type of setup is all new to me, I will publish future articles as I finish each of the above steps. The rate of post release may be somewhat haphazard. So stay tuned for further developments.

Next Post

Add New Comment

Your email address will not be published. Required fields are marked *