Different BGP configuration on Primary (master) and Secondary (slave)


  • Is there a way to have two different active BGP configurations on a HA pfSense configurations? (Config A on box A, Config B on box B). I have been using CARP to provide HA and have now added several redundant links to GCP (one per environment, ie dev, test, prod). For each redundant link, one goes to the primary pfSense box and the other to the secondary. The problem I've run into is that it doesn't seem to be possible to run one BGP config on one box and a different one on the other. When I make changes in the secondary's web page the changes are not reflected in the raw config.

    It is still necessary to run CARP on the internal network to provide failover. Is there a way to maintain CARP for the internal network and use BGP with different configs on each box for the external networks to GCP?

    Thanks in advance,
    Jeff.


  • This time I was very careful to remove the carp setting from openbgpd and to only edit the (raw) config through Services -> OpenBGPD -> Raw config (tab) on each box. It doesn't seem to have been interfered with by CARP or the other box this time round. This seems to work though I've yet to do a failover test.