Can you failover WAN to dynamic IP?
-
I wanted to setup my HA cluster of netgears to be able to fail over the WAN port to a service that will give me a dynamic IP. Is this possible? Is this supported? I don't want to do a one-off on this, I want to do it by the book if its possible.
I've seen lots of comments about this and from what I can tell, this doesn't work. If I've simply come across the wrong articles, I'd appreciate it if someone could let me know and correct me.
Thanks!
Mike -
If you're looking to have the second WAN ISP use a dynamic IP yes that's possible as we have a client with that scenario. If using a dyndns service and it's configured in pfSense, then pfSense should register the new IP.
If you're trying to use the same IP on both then that won't work unless SD-WAN is used. (apologies if I'm misunderstanding)
-
It won't be "proper" HA as there is no way for the dynamic WANs to participate in CARP or to trigger an HA failover. There would be no seamless failover of clients if the primary node failed to the secondary while the dynamic WAN was in use.
So it can function in the most basic sense -- Multi-WAN could possibly work (gateways may be tricky, for one) but it wouldn't be a good experience and that's one of the reasons we say that type of configuration is unsupported.
If there is only a single shared CPE for the dynamic WAN, you could enable routing mode in the CPE (if it has one) and then setup HA w/CARP on pfSense in the private subnet behind it. Setup 1:1 NAT on the CPE to map all traffic on its public address to the private CARP VIP.
That won't work if each HA node has its own separate second WAN, though.
