4. How to connect 2 bridged WAN to a switch ?

How to connect 2 bridged WAN to a switch ?

  • S

    I have inherited 2 pfsense instances (2.0 and 2.0.1) behind a baystack 350-12T switch.
    pfsenses have the same config : WAN,LAN,OPT2 - bridged.
    WAN (with assigned IP) connected to baystack, LAN (no IP) to DMZ
    OPT2 is connected via CARP and is used for pfsync.
    I'd like to have a WAN VIP address, which would be used as a default gw for DMZ network (a few /24 networks) and load balancer.
    For the moment one switch port is disabled to not have a network loop. And for that reason CARP fro WAN doesn't work (both are in master status).
    In case of any issue with one of pfsense, baystack switch ports (pfsenses are connected to) are manually swapped (en/dis to dis/en).
    That's the current situation.

    What I want to get, is to enable both baystack ports, and have a real failover configuration.
    What is the best approach we can go with ? baystack support a kind of STP. STP is disabled on both pfsense bridges.
    I have read many opinions, that STP may cause issues, I cannot afford (everything is in production).
    Is STP a way to go with, or to use devd, as it is described here http://forum.pfsense.org/index.php/topic,4984.msg87793.html#msg87793

    What would you recommend ?

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy