How to Route Facebook Traffic to Different Gateway with Pfsense

Learn how to route Facebook traffic to a different gateway with Pfsense, a free and open source firewall and router. Find out how to find Facebook’s IP addresses and create a static route for them.

Table of Contents

Problem/Question
Step 1: Finding Facebook’s IP Addresses
Step 2: Creating a Static Route for Facebook in Pfsense
Tips and Tricks for Better Routing
Frequently Asked Questions (FAQs)
Summary

Problem/Question

If you have a Pfsense router and two internet circuits, you may want to redirect the Facebook web traffic to a different gateway than the rest of your traffic. This can help you optimize your bandwidth usage, improve your network performance, or bypass any restrictions on your primary gateway. But how do you route Facebook traffic to a different gateway with Pfsense?

In this article, you will learn how to find Facebook’s IP addresses and create a static route for them in Pfsense. You will also find some useful tips and tricks to make your routing more efficient and secure.

Step 1: Finding Facebook’s IP Addresses

Before you can route Facebook traffic to a different gateway, you need to know the IP addresses that Facebook uses. Facebook owns many IP addresses and they may change over time, so you need to update your list regularly. Here are some ways to find Facebook’s IP addresses:

Use the nslookup command. You can use the nslookup command in your terminal or command prompt to query the DNS name of Facebook and get the associated IP address. For example, you can type nslookup facebook.com and get an IP address like 69.63.176.13. However, this method may not give you all the IP addresses that Facebook uses, as it may only return one or a few of them.
Use the whois service. You can use the whois service to look up the ownership information of an IP address or a domain name. For example, you can go to the Whois website and enter facebook.com in the search bar. You will get information about the domain name, including the IP ranges that Facebook owns. For example, you will see ranges like 66.220.144.0 – 66.220.159.255, 69.63.176.0 – 69.63.191.255, and 204.15.20.0 – 204.15.23.255. You can use these ranges to create your static route.
Use a web search engine. You can use a web search engine like Google or Bing to search for Facebook’s IP addresses. You may find some websites or articles that list some of the IP addresses that Facebook uses. For example, you can go to this GitHub page and see a list of IP addresses for Facebook. However, this method may not be reliable or up-to-date, as the IP addresses may change or be inaccurate.

Step 2: Creating a Static Route for Facebook in Pfsense

After you have found Facebook’s IP addresses, you can create a static route for them in Pfsense. A static route is a rule that tells your router how to forward packets to a specific destination. Here are the steps to create a static route for Facebook in Pfsense:

Log in to your Pfsense web interface and go to System > Routing > Static Routes.
Click on the Add button to create a new static route.
Enter the following information for the static route:
- Destination network: Enter the IP address or the IP range of Facebook that you want to route to a different gateway. For example, you can enter 66.220.144.0/20 or 69.63.176.13/32.
- Gateway: Select the gateway that you want to use for the Facebook traffic. For example, you can select WAN2 or OPT1, depending on your configuration.
- Description: Enter a description for the static route. For example, you can enter Facebook route.
Click on the Save button to save the static route.
Click on the Apply Changes button to apply the changes.

Tips and Tricks for Better Routing

Here are some tips and tricks to make your routing more efficient and secure:

Use IP sets. Instead of creating multiple static routes for each IP address or IP range of Facebook, you can use IP sets to group them together and create a single static route for the IP set. IP sets are collections of IP addresses or IP ranges that can be matched by a single rule. You can create and manage IP sets in Pfsense by going to Firewall > Aliases > IP.
Use firewall rules. In addition to creating static routes, you can also use firewall rules to control the Facebook traffic. Firewall rules are rules that allow or block packets based on various criteria, such as source, destination, protocol, port, and gateway. You can create and manage firewall rules in Pfsense by going to Firewall > Rules.
Use VPN or proxy. If you want to route Facebook traffic to a different gateway for privacy or security reasons, you can also use a VPN or a proxy service. A VPN or a proxy service can encrypt and anonymize your traffic, as well as bypass any restrictions or censorship on your primary gateway. You can set up and configure a VPN or a proxy service in Pfsense by going to Services > VPN or Services > Proxy.

Frequently Asked Questions (FAQs)

Here are some frequently asked questions related to routing Facebook traffic to a different gateway with Pfsense:

Question: How do I route Facebook traffic to a different gateway with Pfsense without a static route?

Answer: You can use policy-based routing to route Facebook traffic to a different gateway with Pfsense without a static route. Policy-based routing is a method of routing packets based on the policy or criteria defined in the firewall rules. You can create a firewall rule that matches the Facebook traffic and assigns it to a different gateway.

Question: How do I update the list of Facebook’s IP addresses in Pfsense?

Answer: You can update the list of Facebook’s IP addresses in Pfsense by using the pfBlockerNG package. pfBlockerNG is a package that allows you to block or allow traffic based on IP lists, domain lists, geo-location, and other criteria. You can use pfBlockerNG to create an IP list for Facebook and update it automatically or manually.

Question: How do I test if the routing of Facebook traffic to a different gateway with Pfsense is working?

Answer: You can test if the routing of Facebook traffic to a different gateway with Pfsense is working by using the traceroute command. Traceroute is a command that shows the path and transit times of packets across a network. You can use the traceroute command to trace the route of a packet from your computer to Facebook and see which gateway it uses.

Summary

In this article, you learned how to route Facebook traffic to a different gateway with Pfsense. You learned how to find Facebook’s IP addresses and create a static route for them in Pfsense. You also learned some tips and tricks to make your routing more efficient and secure. Routing Facebook traffic to a different gateway with Pfsense can help you optimize your bandwidth usage, improve your network performance, or bypass any restrictions on your primary gateway.

Disclaimer: This article is for informational purposes only and does not constitute professional advice. The author and the website are not affiliated with or endorsed by Pfsense or Facebook. The author and the website are not responsible for any errors, omissions, damages, or losses that may result from following this article. Always consult the official documentation and support resources before using Pfsense or any other software.