OPNsense Forum

English Forums => High availability => Topic started by: paulrbeers on January 13, 2021, 02:46:10 pm

Title: Dual DNS / DHCP / Firewall with only 1 WAN
Post by: paulrbeers on January 13, 2021, 02:46:10 pm
Current setup using a UniFi Security Gateway that acts as my DNS and DHCP server. I have several VLANs that are all dependent upon my USG. Recently I made an update and something failed to update and it went down (hard). This took my entire network since no DNS and DHCP server was available. The problem then was I couldn't redo the USG because my controller was on one of the VMs on my VM cluster. Seriously, I have Proxmox HA set up on my VM servers, I have a Gluster supporting those as well as redundant networking. The only thing I couldn't lose was my USG. Murphy's law, right?

Anyhoo. Truthfully I don't care as much about HA when it comes to internet. If I lost my Master OPNsense box, if all I had to do was pull the WAN Ethernet and plug it into the Slave, and we were back up and running for Internet, no big deal. BUT I need internal routing to continue. No matter what.

So what I want:

Network Switches w/ VLANs -> OPNsense Master -> WAN (Cable modem w/ DHCP)
Network Switches w/ VLANs - - > OPNsense Slave -> No WAN

Yes, both boxes will have 3 Ethernet ports so I can do a Sync connection between them, but (short of putting another router between my modem and OPNsense, which brings me back to a single point of failure), I don't know if I can do what I want to do? And I get that HA probably isn't used in a setup like mine.