Carp + DUAL WAN does this make sense
-
I am setting up a network with a DMZ and I want to use carp with dual wan failover. I have looked around the boards and at the tutorials and have come up with this setup. Two WAN connections each with its own switch. Each switch is connected to each pfsense box. Then the rest is standard pfsense carp.
One question is how many ips would I need from each provider. The other is does this layout make any sense whatsoever hehe.
Thanks
Eric
-
You would need three IPs for each WAN one for each real box and one for them to share as a CARP VIP.
The layout looks ok to me. You will need a switch on the LAN side to join both carp boxes together on the LAN.
-
Don't know for sure if you want a single box with Dual WAN or Cluster with Dual Wan?
Single Box: [Failover/Load Balancer]
o WAN1 IP
o WAN2 IP
o DMZ IP
o LAN IPCluster: [CARP]
+Box 1:
o WAN1 IP
o WAN2 IP
o LAN IP
o DMZ IP+Box 2:
o WAN1 IP
o WAN2 IP
o LAN IP
o DMZ IP+VIP:
o WAN1 VIP
o WAN2 VIP
o LAN VIP
o DMZ VIPSee this post for the diagram: http://forum.pfsense.org/index.php/topic,3555.0.html
-
Don't know for sure if you want a single box with Dual WAN or Cluster with Dual Wan?
What I want is to have a hardware failover through carp and have a failover connection. So say a router explodes it fails over to the second but still uses the main line (T1) and if the main line goes down it goes to the failsafe connect (DSL or some such). Load balancing isn't really an issue.
Eric
-
Not to make life more complicated, but how would I add BGP into the mix to provide failover to another site?
Eric