High availability / Single virtual firewall failover (no gateway)
« on: November 11, 2023, 09:45:06 am »
So I have a setup of 3 nodes with a single VM running OPNsense.
My WAN is connected to my switch and VLANed into the network.
Everything works fine, I can migrate OPNsense between hosts without issue.
However, if I pull the power on the active host and OPNsense cold starts on another, the gateway interface stays in a down state. The only two things I can do to bring it back are to restart the HFC termination box or bring the original host back up and migrate the OPNsense VM back onto it.
So I'm confused about what's going on here. I know many ISPs will lock to a MAC for the firewall, but the MAC on the VM doesn't change. Migrating works but cold starts/recovery does not.
Any ideas? If you can't tell, I'm not a network guy.