Public subnet behind NAT for failover howto ?



  • Hello.

    I have 4 ISP for now... My main ISP provide me public IP subnet and 10 Gbit line... Others are for backup and they gave me only 1-5 IP each...
    Now I have 2 pfSense, one for public IP routing and other for NAT. This is because if I don't check "Disable all packet filtering" in advanced menu it refuse to route public IP's. Maybe I do something wrong ? On the other side if I leave it with packet filtering enabled it do only NAT.
    So if my main line drop all users with public IP assigned don't have internet... I have AS, but still don't have any BGP sessions because ISP wich I have for backup refuse to do it... For now they provide me with /30 and public IP's are routed trough it.
    Is there possible pfSense to be configured to route public IP's directly and if line drops to NAT them until problem is solved ?
    Also if this is possible to be done on one machine i will not need 2 separate anymore then maybe i can use them for hardware failover and load balancing but i don't know how to do it also :)

    Thank you in advance.