pfSense Gold Subscription

Author Topic: Split Routing over WAN and VPN [gui bug]  (Read 154 times)

0 Members and 1 Guest are viewing this topic.

Offline gwaitsi

  • Jr. Member
  • **
  • Posts: 26
  • Karma: +0/-0
    • View Profile
Split Routing over WAN and VPN [gui bug]
« on: November 06, 2017, 01:02:57 pm »
I have OpenVPN setup and router all traffic via ExpressVPN.
I discovered that virtually no sites in China are available to clients outside China going via VPN.

I made a China alias and started to add the network addresses that i recognised was being used and route via the WAN and it all works good.
To add all China ip networks though is like 3000 networks.

Wont this have a performance impact on overall routing if it has to check the alias for each packet? is there a better way to deal with this?
« Last Edit: November 08, 2017, 02:16:26 am by gwaitsi »

Offline viragomann

  • Hero Member
  • *****
  • Posts: 2502
  • Karma: +265/-1
    • View Profile
Re: Split Routing over WAN and VPN
« Reply #1 on: November 06, 2017, 04:41:03 pm »
Wont this have a performance impact on overall routing if it has to check the alias for each packet?
That won't be measurably on most hardware.
Only the table will occupy some kB of memory.

is there a better way to deal with this?
Yes, search for a China IP list in the internet and import it.

Offline gwaitsi

  • Jr. Member
  • **
  • Posts: 26
  • Karma: +0/-0
    • View Profile
Re: Split Routing over WAN and VPN
« Reply #2 on: November 06, 2017, 05:17:24 pm »
I have 4Gb memory and only using 6% at the moment and the CPU is Intel(R) Celeron(R) CPU J1900 @ 1.99GHz, so I guess this has plenty of grunt then.

I have the list and net masks, but can't see how you import it.
Can you give me a hint there please

Offline viragomann

  • Hero Member
  • *****
  • Posts: 2502
  • Karma: +265/-1
    • View Profile
Re: Split Routing over WAN and VPN
« Reply #3 on: November 06, 2017, 06:21:07 pm »
Firewall > Aliases > IP
Below the aliases list there is an Import button at the right side.

Offline gwaitsi

  • Jr. Member
  • **
  • Posts: 26
  • Karma: +0/-0
    • View Profile
Re: Split Routing over WAN and VPN [solved]
« Reply #4 on: November 07, 2017, 01:49:31 pm »
Jesus....now i feel stupid...RTFM....

Thanks man, took me 5min to get the 2006 China networks in.....  didn't notice the import button before, but see the docs.....

Offline gwaitsi

  • Jr. Member
  • **
  • Posts: 26
  • Karma: +0/-0
    • View Profile
Re: Split Routing over WAN and VPN [gui bug]
« Reply #5 on: November 08, 2017, 02:34:23 am »
what a bumber...... imported 2006 networks, have discovered i need to add a new one but there is a gui bug.

Have tried to add via Edge and Firefox on Windows and Linux, but experience the following;
- page load time is long
- when adding the network, is takes a while to respond and firefox gives "a webserver is slowing down your browser"
- page refreshes and the new network is not added

The work around was to add the new address to the import list in excel, and create a new alias from scratch.