Multiple WAN HA setup (No Multi-WAN LB or FO)
-
Hello everyone!
I am evaluating to implement a 2 node HA clúster in pfSense 2.4.4 (VM Gen.2 over Hyper-V Server 2016).
I'm reading the official information from here: https://www.slideshare.net/NetgateUSA/high-availability-on-pfsense-24-pfsense-hangout-march-2017
I'm good at almost every point, except the next one.
On my network I have my pfSense as default gateway. On this one I have 3 internet links.
The first of them is a /29 by which half of my users navigate.
In the second one I have only one IP, and I use it for the navigation of the other half of my users.
The third is for sending and receiving mail only.Do I need 3 IPs per WAN in each WAN to build this HA? Or just the first WAN /29 is enough for me?
I would appreciate very much some light on that.
Thank you very much in advance!Best regards
Gabriel -
@_neok I don't know how to do what you want but have you checked out this one?
https://www.slideshare.net/NetgateUSA/high-availability-part-2-pfsense-hangout-july-2016Also keep in mind that these slides are from presentations (pfSense monthly hangouts) and you can watch the entire presentation on youtube. https://www.youtube.com/channel/UC3Cq2kjCWM8odzoIzftS04A
-
You can probably get away with having only one proper WAN with two single-address WANs as long as:
All addresses are static (not DHCP, PPPoE, etc)
You ensure that the default gateway in the routing table is always the interface where the secondary can get out (has its own routeable interface address)
The main issue is that the secondary can access the internet (get updates, resolve DNS, etc) when it is CARP BACKUP.