CARP without WAN?
-
Hello
i want to setup a CARP HA setup for my pfsense.
presently pfsense is on bare metal hardware.
want the backup pfsense on proxmox.my requirements-
want to have a backup pfsense running so that the internal vlan routing and dhcp can be achieved even when primary pfsense is down.
not worried about internet connectivity from the backup pfsense. -
@puneet1984 https://docs.netgate.com/pfsense/en/latest/highavailability/#ip-address-requirements-for-carp
"It is technically possible to configure an interface with a CARP VIP as the only IP address in a given subnet, but it is not generally recommended. When used on a WAN, this type of configuration will only allow communication from the primary node to the WAN, which greatly complicates tasks such as updates, package installations, gateway monitoring, or anything that requires external connectivity from the secondary node."On the plus side as of pfSense 2.6/22.01 the state sync is not bound to the interfaces so the hardware can now differ.
-
It's probably possible. You'd need to arrange VLANs shared between the physical and virtual pfSense instances such that all interfaces share a layer 2 connection with each other.
Steve