• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Failover static routes

HA/CARP/VIPs
2
5
3.5k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M
    MarkatOSI
    last edited by Nov 17, 2008, 4:39 PM

    I have 2 pfSense boxes setup like so

    pfsense1
    WAN 10.0.0.228
    LAN 192.168.0.250
    Static route from 10.0.0.228 to 10.0.1.96/28 where there 15 additional addresses I get to use

    pfsense2
    WAN 10.0.0.232
    LAN 192.168.0.254

    I use carp to failover between the two and this works fine. Since the 15 additional addresses are mapped to
    10.0.0.228 right now those addresses would not failover since the WAN interface is different on the second pfsense box. I asked the ISP what could be a solution for me and this is a quote from them

    "So the good solution is to use a float GW as destination for that static route
    .Does your firewalls have a float gw(that will always be on the active FW) ?
    If so we should change static routes to use it"

    Is this a solution for me and pfSense or is there an alternate way to ensure that when the pfSense1 fails over to pfsense2 that i can continue to access the 15 additional routable addresses? Do you require more information to assist me? I'm happy to provide any additional information you may require.

    Thanks

    1 Reply Last reply Reply Quote 0
    • M
      MarkatOSI
      last edited by Nov 17, 2008, 4:42 PM

      I forgot to mention the GW for each pfSense is 10.0.0.225

      1 Reply Last reply Reply Quote 0
      • D
        dotdash
        last edited by Nov 18, 2008, 4:53 PM

        I don't really understand your setup, but try this-
        Add a CARP IP in your WAN range, say 10.0.0.230, then use this as your outbound NAT IP. Then use this IP for the route. Since you didn't mention it, make sure you are also using a CARP IP on the LAN (like 192.168.0.252) that the machines are using as their default gateway.
        Again, I'm not really clear on how you are using the additional subnet, so I may be off-trackā€¦

        1 Reply Last reply Reply Quote 0
        • M
          MarkatOSI
          last edited by Nov 18, 2008, 5:04 PM

          The additional subnet is being used to provide access to 15 routable additional ip addresses to the 10 the isp allocated to me originally. In the example i used here all the addresses are private simply as an example. so assume all the 10.0.0 addresses are external addresses available to the internet.

          I am using a carp ip on the wan. I did originally setup the carp as described in the online tutorial someome produced for carp setup for pfense. i don't have that link handy right now though

          1 Reply Last reply Reply Quote 0
          • M
            MarkatOSI
            last edited by Nov 18, 2008, 7:00 PM

            Dotdash i sent you a private message with a clarification of how things are setup

            1 Reply Last reply Reply Quote 0
            3 out of 5
            • First post
              3/5
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.