pfSense Gold Subscription

Author Topic: Possible for Other Router to be DHCP Server instead of pfSense?  (Read 1983 times)

0 Members and 1 Guest are viewing this topic.

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 14276
  • Karma: +1329/-191
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Possible for Other Router to be DHCP Server instead of pfSense?
« Reply #15 on: February 16, 2017, 05:35:15 am »
You do understand the normal unifi AC AP can do wireless uplink..  If your having a problem with wiring.  They are not just "mesh"
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.3.4_p1 (work)
1x 2.4.1-RELEASE on VM esxi 6.5 (home)

Offline darkarn

  • Jr. Member
  • **
  • Posts: 54
  • Karma: +0/-0
    • View Profile
Re: Possible for Other Router to be DHCP Server instead of pfSense?
« Reply #16 on: February 16, 2017, 05:46:40 am »
You do understand the normal unifi AC AP can do wireless uplink..  If your having a problem with wiring.  They are not just "mesh"

Hmm wait, can the APs connect to each other wirelessly? I am asking as the AC66U will be replaced either by these APs or the Orbi. And I don't think I have seen anything like this mentioned in the manuals before...

Another thing that I am concerned about is the lack of Ethernet ports on these APs though, but I guess I will just go get a managed switch with more ports (but I am hoping it won't have to come to this since I just want to replace only the AC66U and be done with this problem lol)

Offline darkarn

  • Jr. Member
  • **
  • Posts: 54
  • Karma: +0/-0
    • View Profile
Re: Possible for Other Router to be DHCP Server instead of pfSense?
« Reply #17 on: February 17, 2017, 02:45:22 am »
I checked around a bit more, turns out Ubiquiti has such features; I wasn't searching with the right terms: https://help.ubnt.com/hc/en-us/articles/115002262328-UniFi-Feature-Guide-Wireless-Uplink

Now just to see if the prices are better and the trade-offs are ok

Also, I realised that in my earlier tests, I have forgotten to use the DHCP Relay feature in pfSense once I switched off its DHCP server! :-[

Let me test if this will make a difference or not

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 14276
  • Karma: +1329/-191
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Possible for Other Router to be DHCP Server instead of pfSense?
« Reply #18 on: February 17, 2017, 05:28:19 am »
If what you want is wifi bridge to provide wired connections??

" I am concerned about is the lack of Ethernet ports on these APs though"

That is not really the job of a AP..  But you could check, I know the 2nd port on the pro is bridged to the other port and you can add a switch on the other port and more ports that way.  But not sure when using wireless uplink?  But it might be possible - check on the unifi forums.  I know if you put a managed switch there then you could have multiple vlans there as well.

Why exactly can you not run a wire??  Normally you should run a wire!!!  Then if you need more ports there, use a switch - hang an AP off that switch if you also need wifi in that area, etc.
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.3.4_p1 (work)
1x 2.4.1-RELEASE on VM esxi 6.5 (home)

Offline darkarn

  • Jr. Member
  • **
  • Posts: 54
  • Karma: +0/-0
    • View Profile
Re: Possible for Other Router to be DHCP Server instead of pfSense?
« Reply #19 on: February 17, 2017, 07:33:01 am »
If what you want is wifi bridge to provide wired connections??

" I am concerned about is the lack of Ethernet ports on these APs though"

That is not really the job of a AP..  But you could check, I know the 2nd port on the pro is bridged to the other port and you can add a switch on the other port and more ports that way.  But not sure when using wireless uplink?  But it might be possible - check on the unifi forums.  I know if you put a managed switch there then you could have multiple vlans there as well.

Why exactly can you not run a wire??  Normally you should run a wire!!!  Then if you need more ports there, use a switch - hang an AP off that switch if you also need wifi in that area, etc.

I am trying to provide both wired and wireless connections, hence my comment about the APs.

Actually, my very 1st idea to solve all these was to simply do Ethernet drops (i.e. running wires). I was stopped by my parents unfortunately, let's just say they don't want me to run wires around the house; engaging contractors for such stuff is disallowed in the same vein.

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 14276
  • Karma: +1329/-191
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Possible for Other Router to be DHCP Server instead of pfSense?
« Reply #20 on: February 18, 2017, 01:40:31 pm »
Well do your parents want good wifi or not?  Hire someone if they will not let you run it.. Running some ethernet cable is not all that hard.. But this the proper way to provide both wired and wifi connections in an area.  You need a wire to where you need wifi coverage so you can properly place the AP.. Any real AP will be POE  If you wall need wired in that area - there you go you killed 2 birds with 1 stone. 
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.3.4_p1 (work)
1x 2.4.1-RELEASE on VM esxi 6.5 (home)

Offline Derelict

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 9047
  • Karma: +1032/-306
    • View Profile
Re: Possible for Other Router to be DHCP Server instead of pfSense?
« Reply #21 on: February 18, 2017, 02:57:36 pm »
If you house is wired for Cable TV you can also look at MoCA to get the AP/switch where it should be. I never have to think about mine and get 700Mbit/s.

Las Vegas, Nevada, USA
Use this diagram to describe your issue.
The pfSense Book is now available for just $24.70!
Do Not PM For Help! NO_WAN_EGRESSTM

Offline darkarn

  • Jr. Member
  • **
  • Posts: 54
  • Karma: +0/-0
    • View Profile
Re: Possible for Other Router to be DHCP Server instead of pfSense?
« Reply #22 on: February 19, 2017, 12:54:52 am »
Well do your parents want good wifi or not?  Hire someone if they will not let you run it.. Running some ethernet cable is not all that hard.. But this the proper way to provide both wired and wifi connections in an area.  You need a wire to where you need wifi coverage so you can properly place the AP.. Any real AP will be POE  If you wall need wired in that area - there you go you killed 2 birds with 1 stone.

Parents want good wifi... but their definition is a bit looser than ours. ;)

Also, thing is, they don't even allow me to hire the people to do the Ethernet drops! The best they allowed so far is the Netgear Orbi (which I got last night), helps that my friend is willing to buy off my AC66U which will offset some of the costs.

Offline darkarn

  • Jr. Member
  • **
  • Posts: 54
  • Karma: +0/-0
    • View Profile
Re: Possible for Other Router to be DHCP Server instead of pfSense?
« Reply #23 on: February 19, 2017, 12:56:12 am »
If you house is wired for Cable TV you can also look at MoCA to get the AP/switch where it should be. I never have to think about mine and get 700Mbit/s.

I can't find any MoCA equiptment in the market so far. Also, I don't think it is allowed here...

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 14276
  • Karma: +1329/-191
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Possible for Other Router to be DHCP Server instead of pfSense?
« Reply #24 on: February 19, 2017, 04:35:38 am »
allowed where?  Why would there be a restriction on moca.. Makes zero sense..
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.3.4_p1 (work)
1x 2.4.1-RELEASE on VM esxi 6.5 (home)

Offline darkarn

  • Jr. Member
  • **
  • Posts: 54
  • Karma: +0/-0
    • View Profile
Re: Possible for Other Router to be DHCP Server instead of pfSense?
« Reply #25 on: February 19, 2017, 10:58:46 am »
allowed where?  Why would there be a restriction on moca.. Makes zero sense..

Sorry, I thought there's a ban on MoCA for Singapore. I must have mixed up with something else.

Anyway, I am unsure the state of Coaxial cabling in my house and hence whether MoCA is feasible or not. The import prices and lack of local support for these equipment is not helping

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 14276
  • Karma: +1329/-191
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Possible for Other Router to be DHCP Server instead of pfSense?
« Reply #26 on: February 19, 2017, 11:31:36 am »
Well if you can not run a wire, or use existing wiring like moca, how about powerline adapters.. which would be 3rd choice.. wireless uplink would always be last.
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.3.4_p1 (work)
1x 2.4.1-RELEASE on VM esxi 6.5 (home)

Offline darkarn

  • Jr. Member
  • **
  • Posts: 54
  • Karma: +0/-0
    • View Profile
Re: Possible for Other Router to be DHCP Server instead of pfSense?
« Reply #27 on: February 23, 2017, 08:01:16 am »
Well if you can not run a wire, or use existing wiring like moca, how about powerline adapters.. which would be 3rd choice.. wireless uplink would always be last.

Actually I was using these. Even though these introduced EMI/RFI noises that affected that my audio equipment, I was willing to put up with it for the sake of my family (and invest in those power strips that supposedly reduce such noise). So how I set these up was to simply plug one in my room with my pfSense rig and another in the central part of my house with my Asus AC66U. This fixed *almost* all Wifi deadspots, but one day, these homeplugs went down out of a sudden for no good reason. Switching them off and on worked, but I decided that it's time for me to move on from homeplugs and try something else seeing that a single router will not solve the issue. Then I saw the Orbi on sale and have good reviews by many and my friend needing to take over my AC66U, so I decided to give it a shot. So far, my family are extremely happy with the Orbi so I guess this part of the network puzzle is solved for now. If they want/need faster speeds, I will insist on proper Ethernet cabling then.

Offline darkarn

  • Jr. Member
  • **
  • Posts: 54
  • Karma: +0/-0
    • View Profile
Re: Possible for Other Router to be DHCP Server instead of pfSense?
« Reply #28 on: February 23, 2017, 09:01:06 am »
And back to the topic at hand. after testing more and reading more, now I can see why you all sounded confused about my questions, real sorry about that!  :(

Firstly, I read up about bridging two or more NICs within pfSense, thinking that I may need it. Turns out that it can be done but not recommended; the more recommended method is to simply connect a switch to it, which I failed to consider all these while! So, all I did was to connect to the switch first, and then to the Orbi and other devices. This meant no more funky port forwarding needed for HAProxy (yes, this works too but I am trying to avoid this) and yet all devices being able to connect to the Internet and be protected by pfSense.

Then, I thought through more carefully and noted how only my guests will need only wireless connection, which means I just need to make sure they can connect wirelessly to the Internet but not to my devices. This means I need a properly working "Guest Network" function, which can be accomplished if I keep the Orbi in Router Mode.

Then also, I realised that my laptop, which is connected to the switch, can also connect wirelessly to the Orbi. This means it can be on both subnets (and thus workaround issues such as not being able to print/scan from wireless printer and my mobile devices not being able to find it)

All these knowledge made it a lot easier to solve my issues. Now I can have pfSense packages working properly with my wired devices, a proper Guest Network and all personal devices (non-guest) devices able to talk to each other whenever necessary.

Here's my new (and final?) network diagram

Network Diagram

In short, yes, in a network, there can be more than one DHCP server and devices can have multiple IP addresses by having one per network interface

Now only one last thing left: If I were to run out of ports on the switch, should I daisy chain another switch (the cheaper option), or should I try to find a bigger managed switch and replace it (the much expensive option)? Current switch is a TP-Link 8 port Smart Switch TL-SG2008
« Last Edit: February 23, 2017, 09:11:35 am by darkarn »

Offline JKnott

  • Hero Member
  • *****
  • Posts: 894
  • Karma: +29/-4
    • View Profile
Re: Possible for Other Router to be DHCP Server instead of pfSense?
« Reply #29 on: February 23, 2017, 09:13:44 am »
Quote
and devices can have multiple IP addresses by having one per network interface

Actually, even an interface can have more than one address.  On IPv4, you can create an alias address and on IPv6, multiple addresses are to be expected.  For example, on this computer, I currently have 8 IPv6 addresses on the one NIC.  There is one link-local address, one SLAAC, based on the MAC address and 7 random number "privacy" based SLAAC addresses.  All of them are valid.  One thing about the random number addresses is I get a new one every day and the oldest then falls off the end of the list, so the list of addresses will change daily.