4. Failover of 03 Pfsense in large network

Failover of 03 Pfsense in large network

  • A

    Hello,

    I installed three servers in a hotel to connect to Internet approximately 3,000 customers.
    The hotel is split into three separate blocks of 1,000 customers, for limiting broadcast domains, I put a server per block.
    See the diagram for more information.

    The main optical fiber connection is on the central block, the other two blocks have ADSL adsl backup.
    The failover for WAN connection works well.

    My question is: how to route the LAN connection to another server in another block if the Pfsense server crash?

    Thank you!

    0
  • D

    @azizth:

    My question is: how to route the LAN connection to another server in another block if the Pfsense server crash?

    Well, there can be several ways to implement redundancy, it depends on what tools are available to your at the Wifi part of your network, if you're bridging or routing etc.

    I've done quite a bit of work on the subject, and imho offering a Wifi service to 3k users (assuming concurrent users) is a difficult task that requires a lot of work in design & implementation.

    Otherwise any kid with a pentest distro would be able to bring your entire network down within minutes (with a dozen different attacks e.g. ARP poisoning, dhcp pool exhaustion, DoS against your gateway services like dns etc)

    0
  • A

    Thank you for your reply dhatz.

    Well, there can be several ways to implement redundancy, it depends on what tools are available to your at the Wifi part of your network, if you're bridging or routing etc.

    can you expose me some of the this ways please? The least expensive possible because the client has a very limited budget.

    Thank you very much.

    0
  • D

    To offer any concrete suggestions, you'd have to provide many more details (geographical & network topology, networking gear in place already, types of cabling, services to be offered e.g. HSIA / VoIP / VoD etc).

    Will the hotel use the networking infrastructure to only provide high-speed Internet (HSIA) to guests, or will it also use it e.g. to connect its own equipment e.g. POS, or provide VoIP or video-on-demand to guestrooms etc ?

    Do you want to achieve redundancy in terms of WAN connections i.e. to utilize the hotel's 1x fiber & 2x ADSL WAN lines, and if one of them should go down then the guests' Internet traffic would be re-routed via the WAN connections that remain up ?

    Anyway, my suggestion would be to hire a consultant who has done this before.

    0
Locked
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy