Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HA documentation - can the modem and the WAN switch be the same ISP supplied device?

    Scheduled Pinned Locked Moved
    HA/CARP/VIPs
    2
    3
    536
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jmilne
      last edited by jmilne

      I have a question about the diagram that is used for explaining HA setup (both in the pfsense book and the various Netgate videos). Here it is:

      0_1544089029853_HA layout.JPG

      The diagram shows a WAN switch, a little box and the Internet cloud. The book and the video don't really discuss these much as I'm assuming what they signify is obvious to most people. However, I am new to this and would like to clarify.

      I'm assuming that the little box corresponds to a modem?

      And the WAN switch is an extra switch we have to buy ourselves?

      My question is:

      If an ISP supplies a single modem/switch combo device, does that negate the need to buy the extra WAN switch?

      Our current ISP (Virgin) has supplied 3 pieces of hardware for our dedicated fibre line. Our current router plugs into one of their devices. There is only one input port for us to use on that device. I can see we obviously need a switch here for HA as there is nowhere to plug the second pfsense device in. Rack space is running low...

      We are getting a second redundant WAN line soon. The second ISP will be supplying a single device that bundles a 4 port switch in with the modem. In this case, do we need the additional "WAN switch" or can we just use the ports on the ISP device (or any other better quality dual modem/switch that we buy ourselves)?

      We may not do this as we won't have redundancy on the WAN switch element of the setup if we do that. I juts want to get my facts straight about what is and isn't possible.

      UPDATE: I've spoken to Virgin who have said they can upgrade one of the devices in our setup to one that allows more than one connection in. If it is OK for the WAN switch and the modem in the diagram to be a single device, I can save myself having to get any extra switches. This would be good for us as our free rack space is very low. We believe this WAN failover would be good enough for us and would me we wouldn't have to worry about Layer 2 redundancy on the WAN switch element of the diagram. It seems viable to me but I'm new to this so am just looking for someone who actually knows their stuff to clarify.

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        We have found that in most cases, modem/router built-in switches do not properly handle the CARP multicast frames needed for failover to function. You can try the built-in switch but I would not have much confidence in it being viable.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 1
        • J
          jmilne
          last edited by jmilne

          Hi jimp,

          Thanks for this. This stopped me making a big mistake (not adding new switches to the purchase list) and potentially wasting hours trying to work out why CARP wasn't working. It will also save me the hassle of arranging with Virgin for an upgrade we don't need.

          I do actually now remember reading in the pfsense book that the switches must be checked for multicast support. However, the text didn't properly register until your reply.

          Thanks again for your help and patience.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post