PRA over 2nd site, 2 ip blocs
-
Hello everyone,
i currently design a PRA over two physical locations.
My main site A has a public ip bloc A.A.A.A/27
My failover site B has a plublic ip bloc B.B.B.B/27Those blocs are attached to pfsense boxes in carp.
Vms are replicated by veeam replication daily.My main PRA Plan, if site A is down, is through my provider to reattach A.A.A.A/27 to site B, so should the services continue.
Where it gets tough, is that i must think about a case where the A bloc would not be transferrable to B, for disaster reasons.
So i thought about using the B.B.B.B/27 bloc, attached to B, to be a replica of what i have in A.A.A.A.
Right now, here is what i think :
- on Master site, pfsense, i add an interface with B.B.B.B Wan address, gateway... . I will then have 2 WAN on production but only 1 usable by site (the one really attached)
- On master, the B gateway will be seen as OFF, and A On.
- On the failover site, it will be A Off and B ON .
- On master i will create virtual IPs for B.B.B.B, and write my nat/Rules for this second ip bloc
if i need to activate the failover, i will need to :
- Activate all VM on failover site,
- Change the default gateway for the B one in pfsense
- change the Nat Out settings for using the B interface ? (not sure here)
I did not explore Gateways Groups, LAGG, BGP, and so on, and would like your advice on where i am.
What do you think ?
Thanks everyone for your help !