The networks we have contemplated so far have been relatively simple networks with two interfaces (WAN and LAN). As our networks get larger, we have two primary concerns. The first is the increase in broadcast traffic (packets received by every node on the network). The second is the need to segregate network traffic based on management and/or security concerns.

One way of solving these issues is to divide our networks into different segments. For example, in a corporate network we may have different subnets for the engineering department, the sales department, and so on. The problem with this approach is that it does not scale well in the traditional networking paradigm. Each subnet requires a separate physical interface, and there ...

Get Mastering pfSense now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.