OPNsense Forum
English Forums => High availability => Topic started by: Eloïse on January 23, 2023, 09:52:05 pm
-
Hello, I'm quite new to opnsense, I've installed opnsense as a front router in a proxmox VM just behind a fiber ONT.
It works perfectly but now I want to consolidate this setup by adding another opnsense in HA cluster and adding an LTE box as a failover if fiber ISP is failing.
Can I make this :
________
Opnsense1 wan1-----ı switch ı
ı ı------ONT
Opnsense2 wan1-----ı ı
––––––––
-----------
Opnsense1 wan2-----ı switch ı
ı ı------LTE box
Opnsense2 wan2-----ı ı
––––––––
Thanks for your help.
-
Hi Eloïse,
I think you are really asking two questions here.
1. How do you make the LTE circuit a failover circuit.
2. How can you apply this failover logic to a set of opnsense boxes running in HA.
For question 1, I think what you are looking for is a gateway group. You essentially create a group that contains your different gateways (ONT and LTE) and give each gateway a priority so one is preferred over another until it fails or has performance issues like packet loss and latency.
https://docs.opnsense.org/manual/multiwan.html (https://docs.opnsense.org/manual/multiwan.html)
For question 2, in order for multiple boxes to share a WAN connection the circuits must be larger than a /30 (255.255.255.252) since you need to use 3x IP address (1x for service provider, 1x for opnsense1, 1x for opnsense2). Assuming this is not a problem, you would simply create the same gateway group on each box where ONT is preferred until it fails which activates LTE. Would look something like the attached.
-
Hello,
I have almost the same configuration (with ADSL and PPPoE connection instead of LTE) and it is possible. However, I currently have a little problem with the use of ONT because I don't have a router upstream (https://forum.opnsense.org/index.php?topic=32377.0)