Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Failover of 03 Pfsense in large network

    Installation and Upgrades
    2
    4
    1194
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      azizth last edited by

      Hello,

      I installed three servers in a hotel to connect to Internet approximately 3,000 customers.
      The hotel is split into three separate blocks of 1,000 customers, for limiting broadcast domains, I put a server per block.
      See the diagram for more information.

      The main optical fiber connection is on the central block, the other two blocks have ADSL adsl backup.
      The failover for WAN connection works well.

      My question is: how to route the LAN connection to another server in another block if the Pfsense server crash?

      Thank you!

      1 Reply Last reply Reply Quote 0
      • D
        dhatz last edited by

        @azizth:

        My question is: how to route the LAN connection to another server in another block if the Pfsense server crash?

        Well, there can be several ways to implement redundancy, it depends on what tools are available to your at the Wifi part of your network, if you're bridging or routing etc.

        I've done quite a bit of work on the subject, and imho offering a Wifi service to 3k users (assuming concurrent users) is a difficult task that requires a lot of work in design & implementation.

        Otherwise any kid with a pentest distro would be able to bring your entire network down within minutes (with a dozen different attacks e.g. ARP poisoning, dhcp pool exhaustion, DoS against your gateway services like dns etc)

        1 Reply Last reply Reply Quote 0
        • A
          azizth last edited by

          Thank you for your reply dhatz.

          Well, there can be several ways to implement redundancy, it depends on what tools are available to your at the Wifi part of your network, if you're bridging or routing etc.

          can you expose me some of the this ways please? The least expensive possible because the client has a very limited budget.

          Thank you very much.

          1 Reply Last reply Reply Quote 0
          • D
            dhatz last edited by

            To offer any concrete suggestions, you'd have to provide many more details (geographical & network topology, networking gear in place already, types of cabling, services to be offered e.g. HSIA / VoIP / VoD etc).

            Will the hotel use the networking infrastructure to only provide high-speed Internet (HSIA) to guests, or will it also use it e.g. to connect its own equipment e.g. POS, or provide VoIP or video-on-demand to guestrooms etc ?

            Do you want to achieve redundancy in terms of WAN connections i.e. to utilize the hotel's 1x fiber & 2x ADSL WAN lines, and if one of them should go down then the guests' Internet traffic would be re-routed via the WAN connections that remain up ?

            Anyway, my suggestion would be to hire a consultant who has done this before.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post