Gateways and Static Routes in pfSense 2.1

In this article, I will continue my look at some of the new features of pfSense introduced with the latest release (2.1). This time, I will examine some of the updates to the routing functions found under System -> Routing: gateways, static routes, and gateway groups.

Configuring Gateways

Gateways

Default gateways in pfSense 2.1

When you navigate to System -> Routing, and click on the “Gateway” tab, the first thing you will notice is that whereas in the past, there was one gateway created by default (Interface WAN Dynamic Gateway), now there are two: [1] Interface WAN_DHCP Gateway, and [2] Interface WAN_DHCPv6 Gateway. The former gateway, as you might have guessed, uses IPv4, whereas the latter uses IPv6. Both gateways seem to be created by default regardless of whether you actually have any IPv6 interfaces.

Gateways

Configuring gateways under pfSense 2.1.

If you click on the “plus” button, you can add a new gateway. The options are substantially the same as they were under pfSense 2.0.3 (I refer you to my article on pfSense gateway configuration), with one exception: there is a new option called “Address Family“. Here, you can choose either IPv4 or IPv6, underscoring the extent to which pfSense 2.1 has added support for IPv6. If you click on the “Advanced” button, you will see that “Frequency Probe” has been renamed “Probe Interval” (this is the interval at which ICMP probe will be sent, to see if the gateway is still up), but otherwise, the Advanced options are identical to what they were under 2.0.3.


Configuring Routes

If you click on the “Routes” tab and click on the “plus” button, you will see once again that the options for creating a static route are similar to the options under 2.0.3, with one exception: once again, it’s the addition of support for IPv6. With a possible CIDR of 1 to 129, the “Destination Network can be either an IPv4 or IPv6 address. The “Gateway” can be either a default gateway (WAN_DHCP or WAN_DHCP6), a user-defined gateway, the IPv4 loopback (127.0.0.1) or the IPv6 loopback (::1). If you’ve created static routes before, this is easy.

Configuring Gateway Groups

Gateways

Creating a gateway group in pfSense 2.1

If you click on the “Group” tab and click on the “plus” button to add a gateway group, you will find the options are almost identical to those under 2.0.3. Under “Gateway Priority“, however, there is one new option: in addition to “Tier“, there is “Virtual IP“; this field selects what virtual IP should be used when this group applies to a local Dynamic DNS, IPsec or OpenVPN endpoint.

As you can see, a common motif in our exploration of pfSense 2.1 is the degree to which IPv6 support has been added. As the IPv4 address pool nears exhaustion, this was an essential upgrade. I’m sure I will come across other interesting features, however, as I continue my look at the new pfSense.


External Links:

World IPv6 Launch – various measurements and resources regarding IPv6 adoption, as well as a blog.

Be Sociable, Share!

Speak Your Mind

*

© 2013 David Zientara. All rights reserved. Privacy Policy