CARP over wifi Bridge and 2 floors
-
I would like to know if it's possible to set up a two Pfsense routers to communicate with each other (pfSync) for failover, when they're on two different floors, connected by a wireless bridge.
Additional info: Top floor has 2 internet connections going into one pfsense router. Physical servers and NAS are on the top floor. A separate router on the top floor configured to be an Access-Point be connected to a router on the bottom floor, configured as a Bridge so that networking on the top and bottom floored are unified. The bottom floor will have the second Pfsense router, connected to a separate internet connection. Please refer to the diagram attached.
Questions:
- Can pfSync be configured between these two pfsense routers if a wireless bridge is involved, so that if one pfsense router fail, the other will completely take over?
- Is it possible for all clients on the top floor to have internet connection if the the physical internet line on the top floor goes out? Essentially top floor using getting internet from the line on the bottom floor. (Keep in mind the wifi Bridge is on the bottom floor)
http://screencast.com/t/kpqrfOhGvnNJ
-
There are several problems with that:
- HA nodes with CARP must have identical interface setups. You can't have three different ISPs across two nodes and have it work properly.
- Failover signaling happens via CARP VIPs not the sync interface and those VIPs decide to fail over based on multicast heartbeats on each segment with a CARP VIP (e.g. LAN)
- Using HA for "Multi-WAN" is not viable. There is no way to signal node failover based on a WAN failure.
For proper HA, all nodes must be connected to all the same ISPs, though that isn't always possible, without that you can't have a setup that will cover both HA and WAN failover.
