Pfsense on a gmirror pair?

  • I've been dabbling with other firewall distros, but I think I finally found a use-case I can't implement with any other distro (that I know of, anyway…)  I have two ESXi hosts in a HA cluster.  I am not really worried about zero downtime, so if the production host fails, the VMs will all be restarted on the other host.  Because I don't want any to take down the internet (even briefly), I was playing with the firewall VM being FT rather than HA.  Here's the single point of failure though: Both HA and FT require the VMs to be on shared storage.  I have a NAS/SAN using ZFS and sharing to ESXi with NFS.  The problem is that if the NAS/SAN server fails, the FT VM fails too.  So my idea: install pfsense on a gmirror pair.  One disk is on the production NAS/SAN host, the other is on a backup (low-use) NAS.  So if the NAS/SAN fails, pfsense should keep running, correct?

  • I haven't used it, but I've noticed that "Install on gmirror" or similarly worded option appears in the installer if 2 or more disks are available. So you should be able to add 2 or more virtual drives for the VM and setup a gmirror during the setup.