CARP with PPPoE that has VLAN requirement



  • I'm a little confused about what needs to happen here for my PPPoE connection to be used with CARP...

    the PPPoE session/authentication has to happen on pfsense because I have a fiber connection with a VLAN requirement (VLAN35) where the ONT is directly into my switch and that is passed down to pfsense. The PPPoE is DHCP but I can have more than one session active and get a routable IP address.

    I did what I thought was correct following roughly this guide: https://forum.netgate.com/topic/135904/configure-an-pppoe-on-an-carp-if

    Unfortunately the WAN link never came up so either I'm not doing it right (likely as this is my first foray into HA) or my setup isn't possible to do.

    Can this even be done or am I wasting my time?



  • I've set up the CARP with PPOE as described here and it's working properly.
    https://forum.netgate.com/topic/135904/configure-an-pppoe-on-an-carp-if/5

    My ISP doesn't require any VLAN, but anyway VLANs are just a layer 2 setting that shouldn't affect CARP in any way. To make it easier, if you have spare interfaces on your pfSense, you can dedicate one to the WAN and get there from the switch with an access (untagged) port on VLAN 35, so you don't need to bother with VLAN inside pfSense as well.

    BTW, with the suggested configuration, when switching from main to slave, PPOE it's disconnected and connected again so it will take a while and it's not completely transparent. In your case that you are able to establish multiple PPOE sessions, maybe you could have them always online? I don't know, but at least with the "shared" PPOE described above it's working.



  • @Gabri-91 said in CARP with PPPoE that has VLAN requirement:

    I've set up the CARP with PPOE as described here and it's working properly.
    https://forum.netgate.com/topic/135904/configure-an-pppoe-on-an-carp-if/5

    Well that's good news I suppose.. Unforutnatly that means that I really have no clue what I'm doing when configuring this and info is lacking for someone not well versed in what actually is happening here.

    I'm cable to get CARP running and connected but how to actually configure the rest of it all with VIP's etc. is likely where I'm getting things wrong. I guess I will keep trying and breaking things.

    I also have an issue with the backup unit losing the CARP/HA rule when it syncs, not sure what is causing that - lots of googling suggests it's an issue with different amounts of interfaces but the interfaces are the same number on both units.




  • LAYER 8

    maybe if you can upload some screenshot of your pfsense configuration (carp/interface/pppoe), hiding sensitive stuff could be of help for the op and anyone with the same question



  • For the "standard" CARP/Sync/HA I'd say it's plenty of guides on how to properly set it up. Regarding PPOE this post that I've already sent it's already really detailed (just missing screenshots, but it should be easy following the steps).

    I think we are missing an important information anyway: @NOTORIOUS_VR is it WAN link working with just one pfSense? First of all you need to make sure that it's working on a single machine so we can exclude Layer 2 (VLAN & switch) issues. Then please post some screenshot of interfaces, PPOE and VLAN configuration of the single pfSense so we can understand the configuration.
    It's not clear where VLAN 35 is involved too: how are the switch ports (ONT and pFSense) configured? I guess ONT one should be tagged on VLAN35, and pfSense one? Is it untagged VLAN35? Or tagged VLAN35 and you are tagging inside pfSense (is virtual or physical) as well?



  • @NOTORIOUS_VR said in CARP with PPPoE that has VLAN requirement:

    I also have an issue with the backup unit losing the CARP/HA rule when it syncs, not sure what is causing that - lots of googling suggests it's an issue with different amounts of interfaces but the interfaces are the same number on both units.

    Regarding this, just to be sure, No XMLRPC Sync option on the rule is disabled?


Log in to reply