• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

connecting two network to share files pfsense

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.

wagex

Chapstick Eating Premium Member
Joined
Jan 14, 2011
ok so the basic idea, cousin lives right down the road, i have some 5ghz network bridges coming in wed, the first and easiest idea i had was to just add another nic, bridge it to lan and block ports 67-68 on that bridge so that our dhcp servers wouldnt talk to eachother then set our dhcp pools accordingly so that we wouldnt have any overlapping ip addresses, alls well. p.s. sthe "static pool" is for devices such as servers that we dont want plopped into the dhcp pool
lan assignments.png


but that leaves us with only 250 ip addresses to share. my next idea was to have each of us be on a different range like
ross 192.168.1.0/24
clint 192.168.2.0/24
mitch 192.168.3.0/24
and instead of just bridging the connections setup static routes between the nic's (will be using a quad port adapter and each of us will have our own port.) this would give us each plenty of addresses (253)

how in the world do static routes work, how could we access each others machines on each other's networks while keeping our routers from trying to tell each others stuff what to do ect. ive tried to do some reading but i dont see anyone else trying to achieve what we are doing we DO NOT want to share internet access we want our own machines to access our own internet only, why i was going to block the dhcp ports between the networks.
netowork setup.gif
 
Last edited:

petteyg359

Likes Popcorn
Joined
Jul 31, 2004
Blocking ports is really the wrong way to go about that... Just tell dhcpd not to listen on that interface. A firewall on a port is far less secure than nothing listening on that port in the first place.
 
Last edited:

Pinky

Member
Joined
Apr 21, 2001
Location
Las Vegas, NV
If you set the routes in each router you won't need to set them on each computer/device.

I have one setup in the wild where I did exactly as described with denying ports 67-68 to prevent dhcp conflicts. It works.

250 addresses for 3 home networks should be plenty. But it would be nice to be able to connect wireless devices and not have to configure the IP info for the connection. Static addressing isn't ideal, IMO. Better to go with a set it and forget it.
 
Last edited:
OP
wagex

wagex

Chapstick Eating Premium Member
Joined
Jan 14, 2011
Blocking ports is really the wrong way to go about that... Just tell dhcpd not to listen on that interface. A firewall on a port is far less secure than nothing listening on that port in the first place.

yeah, but his router isnt as smart he has your run of the mill AC netgear or similar so the config on his end isnt capable of just ignoring, also the firewall on a port being less secure, idgi were both sharing EVERYTHING on the network besides dhcp soo....


If you set the routes in each router you won't need to set them on each computer/device.

I have one setup in the wild where I did exactly as described with denying ports 67-68 to prevent dhcp conflicts. It works.

250 addresses for 3 home networks should be plenty. But it would be nice to be able to connect wireless devices and not have to configure the IP info for the connection. Static addressing isn't ideal, IMO. Better to go with a set it and forget it.

well with the first option i have it would auto configure via dhcp, all we each have to do is set our dchp pools to what i put them as up there and there would be 0 conflicts.only things that would be static would be servers, and would be in the "static address pool"
the "pool start" and "pool end" are the DHCP pools for each of our homes our routers would be configured to auto assign devices on the network to an address inside that pool. so we wouldnt have to assign anything besides servers we wanted in the shared pool.


the reason im worried about the number of addresses is i use probably 40 addresses by myself atleast and i havent even started on my smart home projects which will involve a bunch of wifi based devices... although i could just enable routing on my access point and put them all on their own vlan so they all share an IP.. now were cookin with peanut oil.
edit: better yet throw up another access point dedicated to smart devices and wifi cameras.
 
Last edited:

Pinky

Member
Joined
Apr 21, 2001
Location
Las Vegas, NV
well with the first option i have it would auto configure via dhcp, all we each have to do is set our dchp pools to what i put them as up there and there would be 0 conflicts.only things that would be static would be servers, and would be in the "static address pool"
the "pool start" and "pool end" are the DHCP pools for each of our homes our routers would be configured to auto assign devices on the network to an address inside that pool. so we wouldnt have to assign anything besides servers we wanted in the shared pool.

Okay I follow now, solid plan. It sounds like you have waaay too many networked devices! :p

Maybe steal a few more of the IPs for your use, if you know the other networks don't need as many.
 
Last edited:
OP
wagex

wagex

Chapstick Eating Premium Member
Joined
Jan 14, 2011
Okay I follow now, solid plan. It sounds like you have waaay too many networked devices! :p

Maybe steal a few more of the IPs for your use, if you know the other networks don't need as many.

yeah with the current config i'd have 75 ip's which is plenty in the future i'll be expanding this out to my dad's house but also sharing my internet so that would eat a few of my ip's, and to my other friends house, its a small town only 1milex1mile so any family members and friends willing to pay for antennas and hardware i'll expand the network out for them, i have a pretty massive linux iso collection and my internet blows so i cant just plex them in :( maybe at a later date i'll have to look into doing static routes if we start running out of ip addresses.
 

habbajabba

Member
Joined
Oct 29, 2005
Location
Oregon
Pretty cool. I'd love to be on a network thus. Thts'a what this stuff is made for to begin with and oh boy the hoops. (there's an ap for that lol)
 
OP
wagex

wagex

Chapstick Eating Premium Member
Joined
Jan 14, 2011
ok, so what we ended up doing was getting my cousin on pfsense as well then set it up like this

me pfsense
lan 192.168.10.1/24
opt1 192.168.30.1 "transit network"
static route 192.168.50.1/24 -> 192.168.30.2

him pfsense
lan 192.168.50.1/24
opt1 192.168.30.2 "transit network"
static route 192.168.10.1/24 -> 192.168.30.1

then we simply connected his opt1 and my opt1 and created rules to allow all traffic between the LAN and opt1 on each of our routers.