pfSense Newb - First hardware, first time using pfSense

Pfsense-Newb
So I have a big event coming up and I've decided that I might need to get a heavier piece of equipment to try and just have something with some more power. And with one of the networks I'm planning to have around 5000 clients or more connected, and I wanted to see if I could do a few things.

One of the things I've done in the past with edge routers (Ubiquiti Edge) when I have a large subnet is create a source NAT rule with a block of public addresses, so that I can have a network of, let's say,

10.10.168.0/23 dynamically going out of a range of public addresses 1.2.3.4 - 1.2.3.20…

I have found out how to do this by just using the virtual address and being able to switch between one network and one public, but I'm trying to do this with a big local subnet and a block of publics.

Also, since I'm new to this and a friend just sold me an R210 server for cheap that I've installed this on, any tips to check how the system is running on CPU and RAM and whatnot would be appreciated as well.

Thank you !!

Also, another thing I noticed: when I create the static route for the internet it only let me create 0.0.0.0/1… Is that OK? I'm used to creating static routes to the internet as 0.0.0.0/0… I don't know what lives in that /1 but just thought I'd ask.


I am not clear on your public IP question, but they have a write-up here: pfSense® software Configuration Recipes — Routing Public IP Addresses | pfSense Documentation

As for the hardware, the XG-7100 can handle that many clients so make sure your hardware is at least this fast.

https://shop.netgate.com/products/7100-base-pfsense

I have a subnet on 192.168.93.0/24. Eventually the subnet will be much bigger… but for testing I'm using that. And I have a few public IPs… I can only post one picture at a time so I'll post one now and another in a post after. I have, let's say, 12.0.0.224-229, and my WAN interface is actually 12.0.0.223/25. But I try to make it so that all the clients on 192.168.93.0/24 go dynamically out on different publics…

And this is how the NAT rule looks… but I still see the same 12.0.0.224 from each client.

Also this is my CPU, and I just ordered 32 gigs of RAM for the R210 server… DDR3…

What do you think?

I don’t know why you would want the clients going out different IPs, but that is done via policy routing: Multiple WAN Connections — Policy Routing Configuration | pfSense Documentation

Because of all the clients I'm hoping to have. And I've read things on the internet like:

But the thing is that the protocol uses a tuple like: internal IP, internal Port, external IP, external Port, and protocol.

So, if we only have one external IP, then port numbers (65536) and protocol (TCP/UDP) will be the limitation. Since we can only map to 65546 * 2 external Port and protocol, that is the limitation of internal connection.

If you want to break the limitation, maybe it’s best to increase the number of external IP addresses.

Using Aliases and Round Robin was how I was able to make it work. :slight_smile: Loving my first week with pfSense! Your videos help so much, thank you for all the content!

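The port-limit reasoning quoted in this thread, and the round-robin pool that solved it, as an added example that is not from any poster or from pfSense itself: a toy source-NAT table run against a single external address, a round-robin pool, and a pool that keeps each client on one address. Assumptions: the internal addresses, 20 TCP flows per client and the usable port range 1024-65535 are constructed, and a port is treated as unique per external IP and protocol, which follows the quoted tuple argument rather than a real firewall's state table (which also keys on destination).

```python
from ipaddress import ip_address
from itertools import cycle

PORTS_PER_IP = 65535 - 1024 + 1  # assumption: ports 1024-65535 usable per external IP and protocol

class NatPool:
    """Toy source-NAT table: every flow needs its own (proto, external IP, external port)."""

    def __init__(self, first_ip, last_ip, sticky=False):
        lo, hi = int(ip_address(first_ip)), int(ip_address(last_ip))
        self.ips = [str(ip_address(n)) for n in range(lo, hi + 1)]
        self.rr = cycle(self.ips)   # round-robin pointer over the pool
        self.sticky = sticky        # True: a client keeps one external IP
        self.client_ip = {}         # internal IP -> external IP (sticky only)
        self.used = {}              # (proto, external IP) -> ports handed out
        self.table = {}             # flow -> (external IP, external port)

    def _pick_ip(self, src_ip):
        if not self.sticky:
            return next(self.rr)
        if src_ip not in self.client_ip:
            self.client_ip[src_ip] = next(self.rr)
        return self.client_ip[src_ip]

    def translate(self, proto, src_ip, src_port):
        flow = (proto, src_ip, src_port)
        if flow in self.table:
            return self.table[flow]
        for _ in self.ips:          # try each pool address once
            ext_ip = self._pick_ip(src_ip)
            n = self.used.get((proto, ext_ip), 0)
            if n < PORTS_PER_IP:
                self.used[(proto, ext_ip)] = n + 1
                self.table[flow] = (ext_ip, 1024 + n)
                return self.table[flow]
        return None                 # ports exhausted: the new flow cannot be translated

def simulate(pool, clients=5000, flows_per_client=20):
    """Return (flows translated, flows dropped, external IPs the first client used)."""
    ok = dropped = 0
    first_client_ips = set()
    for c in range(clients):
        src = str(ip_address("10.10.0.0") + c)   # constructed internal addresses
        for f in range(flows_per_client):
            hit = pool.translate("tcp", src, 40000 + f)
            if hit is None:
                dropped += 1
                continue
            ok += 1
            if c == 0:
                first_client_ips.add(hit[0])
    return ok, dropped, first_client_ips
```

With one external address the table fills before all 5000 clients are served; with the six-address pool from the thread every flow is translated, and the sticky variant shows the trade-off of each client appearing from a single public IP.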