1
High availability / Hardware fall-over after master gateway goes down - but WAN-interface stays up
« on: October 25, 2021, 07:18:27 pm »
As topic says. I currently have a setup where we have 2 internet upstreams with VRRP redundancy from our ISP. Right-now we have 2 OPNSense boxes who are also redundantly configured with CARP and High-Availability.
The 2 OPNSense-boxes have their WAN-ports connected to a single switch which is connected to the 2 uplinks of the ISP. This works, whenever 1 link goes down (either on the fiber or the Ethernet-side) the ISP switches to the secondary link and whenever I pull out a OPNSense-box the CARP/HA makes the switch seamless from my LAN-point-of-view.
To me it seems the switch now has become a single point of failure. Whenever the switch connected to both ISP-uplinks dies, the entire setup dies. Is it possible in the 'default' OPNSense-box to trigger a HA-fallover whenever the master has a gateway which goes 'down'/'offline' ? Or is HA-Fallover only happening when one of the ports 'physically' goes down ?
The 2 OPNSense-boxes have their WAN-ports connected to a single switch which is connected to the 2 uplinks of the ISP. This works, whenever 1 link goes down (either on the fiber or the Ethernet-side) the ISP switches to the secondary link and whenever I pull out a OPNSense-box the CARP/HA makes the switch seamless from my LAN-point-of-view.
To me it seems the switch now has become a single point of failure. Whenever the switch connected to both ISP-uplinks dies, the entire setup dies. Is it possible in the 'default' OPNSense-box to trigger a HA-fallover whenever the master has a gateway which goes 'down'/'offline' ? Or is HA-Fallover only happening when one of the ports 'physically' goes down ?