• Hi All,

    I'm new to pfSense and have found this forum very helpful in my initial configurations. I'm getting into some "fancy" stuff now ;)

    Alright, here's what I'm trying to do!

    I have 2 pfSense boxes configured with 4 eth interfaces each. Config for both boxes is as follows:
    int0 = WAN
    int1 = LAN1
    int2 = LAN2 (failover)
    int3 = SYNC (carp)

    I'm wondering if there's a way to have a failover LAN. I would like to bridge LAN1 and LAN2; each cable is physically connected to 2 of the same model physical switches, which are also cross-connected.

    Is there a good way to make this happen? Again, I'm also using CARP, so there are 4 total uplinks from the 2 routers to the 2 switches.

    The setup is for a COLO hosting various applications and webpages, so the idea is NO single points of failure :)

    Thanks in advance for any and all help!! ;D

  • Netgate Administrator

    I'm not entirely sure what you are suggesting but…
    If you have a CARP configuration you already have failover if the two switches are linked independently. Is that not what you are suggesting?


  • If int 1 on Router 1 were to go down, would CARP know to fail over to Router 2?

    I figured the only thing that CARP was really good for was either a power failure on that circuit, an internet failure on that cross-connect, a cable failure between modem and router, or possibly a software glitch.

    If that's correct, then there are still points of failure with 2 pfSense boxes with just 1 LAN connection, even with cross-connected switches. So if the LAN port would be bridged to another connection in either an active/active mode or a master/slave mode, it would mean I can lose a cable, an uplink port or a NIC on the pfSense box and suffer no downtime.

    Does that make sense?

  • Netgate Administrator

    Ah, yes I see.
    The correct way to mitigate against a failed NIC is to use LAGG. You could do this with your two LAN connections but your switch has to support it.



  • My switches are Extreme Networks 24e2. They are layer 2 switches.

    What am I looking to see if they support? LACP?

  • Netgate Administrator

    Yes, though I would have thought those switches might support several types.

    Actually, reading the user guide, it supports port/link aggregation but it doesn't specify if it's LACP compliant or using their own protocol. :-\ Try it and see.