Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    CARP on OVH dedicated cloud

    Scheduled Pinned Locked Moved HA/CARP/VIPs
    4 Posts 2 Posters 1.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rsk
      last edited by

      Hi,

      I'm currently have a test-drive with OVH dedicated cloud (vSphere 5.5) My goal is to have a virtual redundant HA pfSense setup as base for other networks / servers behind the pfSense machines. I have successful set up HA between pfSense boxes in the past, no problem ever. But after reading the FAQ and the WIKI for specific problems when using vSphere / ESX I just need some advise how to communicate with the tech staff at OVH, I have written many tickets describing the problem including links to the pfSense FAQ but they say always "we have customers that are using pfSense with CARP" and everything is fine. They have turned on CARP and VVRP support at my request on their vswitch but I think they must also allow promisc mode on the proper port groups as stated in the wiki.

      So to make a long story short, is anyone around here that have a successful HA CARP pfsense setup running at the OVH dedicated cloud?

      Thank for your help,
      René

      1 Reply Last reply Reply Quote 0
      • R
        rsk
        last edited by

        Just for the records, after a really long e-mail support conversion pointing them into the right direction the OVH staff was able to activate promise mode on the portgroup for the pfSense boxes. So now it just works as expected (™).

        René

        1 Reply Last reply Reply Quote 0
        • C
          CapitanBlack
          last edited by

          @rsk:

          Just for the records, after a really long e-mail support conversion pointing them into the right direction the OVH staff was able to activate promise mode on the portgroup for the pfSense boxes. So now it just works as expected (™).

          René

          Bonjour René!

          Could you please share how did you make CARP working in OVH environment?

          Thanks!

          1 Reply Last reply Reply Quote 0
          • C
            CapitanBlack
            last edited by

            Got an answer from OVH that CARP is not possible for their hardware dedicated servers due to network design.

            I've solved this using OVH Control Panel API - https://api.ovh.com

            1. buy some OVH failover IP's (one or subnet block ) and assign them to "master" firewall in OVH Control Panel

            2. create identical "IP alias(es)" for OVH failover IP's attached to WAN interfaces on both "master" and "backup" firewalls.
                  Yes, create identical IP Aliases - no IP conflict will ever happen.

            3. wrote a Python script that moves above OVH failover IP's to "backup" server in case "master" firewall stops responding for let's say 10 seconds
                  Script can work on backup server on any other Linux/Windows server anywhere.

            Works just fine - API failover IP move takes about 50-55 seconds to finish.
            So, if scripts timeout for your "master" firewall is set to 10 seconds - you are looking at max 60-65 seconds outage for your services.

            Boom.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.