Wireless AP on PFSense and Failover
-
I'm looking to get a matched set of devici from the pfsense store to install matched wireless cards on and configuring wireless networks on these devices for wifi and failover. I'll place them as far apart as I can, and on different power grids, and run the cables back to the central switch, where they can handle failover, load balancing, etc. Problem is, all this works well and good right now with virtual machines and virtual network cards, so I know it'll work fine with the wired side of the network, but what about the wireless aspect? How does failover work for wireless networks with pfsense? Will both just be broadcasting and clients will roam back and forth, and all failover to the working system when the wifi goes down? or is this setup more complicated with wifi network being broadcast only by one pfSense at a time, and failing back and forth as needed?
-
I would put the pfSense nodes next to the switch(es) in the server room, wiring closet, etc. and put real wireless access points in the most beneficial locations instead of trying to use wireless cards in your pfSense nodes.
-
That might make better sense since I'm currently using unifi for wireless, but if I'm not going to move wireless hardware into the pfsense box, I might be better off sticking with virtual again. That's less hardware to run and less power consumed over all.
-
Of all the reasons to make changes, moving from Unifi to wi-fi cards in pfSense would be a pretty big negative for me. Seems you need to identify exactly what your goals are for the changes.
-
My ultimate goal is to get a good, fast, extensible, reliable 802.11AC wifi network going that can handle short power outages (Using the available UPS that also protects the modem and present routers), host VPN connections from myself and family at school or work (low throughput, low priority), both at a relatively low price. I can handle the power outages and the VPN, but the 2.4GhZ band around here is crowded, and my present unifi is 2.4 N only. I want to move to 5GHz AC. Doing that with Unifi costs about $300/AP, but doing that with PFSense costs about $500/AP, and gets me a faster more capable routers at the cost of only minor extra power costs per month compared to the virtual router solution.. but after doing some reading, it looks like pfsense is a bit lacking in both AC support, and I'm still having my doubts about the failover capabilities of wifi with pfsync and carp.
-
If by "a bit lacking" you mean zero, zilch, nada and none on the horizon, then yes, pfSense support for 802.11ac is a bit lacking.
Do yourself a favor and stick with the Unifi or another wireless AP maker.
Your apparent desire to spread CARP/HA pfSense nodes with Wi-Fi adapters around the property where you should be putting APs is hard to grasp. Maybe I'm just misunderstanding your plan.
You're kind of wrapped around the axle about wi-fi "failover". The way you handle that is to make sure that if any AP goes down, there is another one reasonably close on the same SSID+VLAN for the clients to join. They should do so automatically.
CARP is layer 3 failover. Wi-Fi is layer 2.
CARP's job is that if you assign your clients a next-hop gateway and DNS Server of 192.168.100.1 and that router fails, the other one assumes the duties and "immediately" starts responding as 192.168.100.1 with minimal - often imperceptible - downtime for the clients. There is more to HA than CARP, such as pfSyncing states and DHCP server failover but that's the general sense of it.
-
If by "a bit lacking" you mean zero, zilch, nada and none on the horizon, then yes, pfSense support for 802.11ac is a bit lacking.
-
I'm still having my doubts about the failover capabilities of wifi with pfsync and carp.
Me too!
