OPNsense Forum

English Forums => High availability => Topic started by: msmarcapo on September 08, 2022, 11:51:30 am

Title: HA with 3 nodes
Post by: msmarcapo on September 08, 2022, 11:51:30 am

Hello,
is it possible to create an 3 node HA stack?

From here it sounds like possible

Quote

OPNsense utilizes the Common Address Redundancy Protocol or CARP for hardware failover. Two or more firewalls can be configured as a failover group. If one interface fails on the primary or the primary goes offline entirely, the secondary becomes active.

https://docs.opnsense.org/manual/hacarp.html?highlight=high

But i cant find any example, questions or topics for this.
How can we achieve this? Are there any guide we can follow? Any experiences?

Thanks for Help!

Title: Re: HA with 3 nodes
Post by: coatmaker618 on September 13, 2022, 06:40:49 pm

I was just about to ask this too!

It seems trivial to do with CARP, but I don't see a way to sync any of the info to more than 1 node using PFSync :(

Title: Re: HA with 3 nodes
Post by: msmarcapo on September 16, 2022, 12:20:57 pm

Quote from: coatmaker618 on September 13, 2022, 06:40:49 pm

I was just about to ask this too!

It seems trivial to do with CARP, but I don't see a way to sync any of the info to more than 1 node using PFSync :(

For me its not perfect, but it works.
Sync the config from Node 1 to 2 and from 2 to 3 works fine. You just have to be careful with changes while Node1 is offline.
For the connectionsync (pfsync) just use a multicast network.

So there are no node limits.