OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • English Forums »
  • High availability »
  • Is this HA config possible ?
« previous next »
  • Print
Pages: [1]

Author Topic: Is this HA config possible ?  (Read 1876 times)

Eloïse

  • Newbie
  • *
  • Posts: 1
  • Karma: 0
    • View Profile
Is this HA config possible ?
« on: January 23, 2023, 09:52:05 pm »
Hello, I'm quite new to opnsense, I've installed opnsense as a front router in a proxmox VM just behind a fiber ONT.
It works perfectly but now I want to consolidate this setup by adding another opnsense in HA cluster and adding an LTE box as a failover if fiber ISP is failing.
Can I make this :

                                    ________
     Opnsense1 wan1-----ı  switch  ı
                                    ı             ı------ONT
     Opnsense2 wan1-----ı             ı
                                    ––––––––
                                    -----------
     Opnsense1 wan2-----ı  switch  ı
                                    ı             ı------LTE box
     Opnsense2 wan2-----ı             ı
                                    ––––––––

Thanks for your help.
Logged

WaffleIron

  • Newbie
  • *
  • Posts: 17
  • Karma: 3
    • View Profile
Re: Is this HA config possible ?
« Reply #1 on: January 29, 2023, 06:49:10 pm »
Hi Eloïse,

I think you are really asking two questions here.
1. How do you make the LTE circuit a failover circuit.
2. How can you apply this failover logic to a set of opnsense boxes running in HA.

For question 1, I think what you are looking for is a gateway group.  You essentially create a group that contains your different gateways (ONT and LTE) and give each gateway a priority so one is preferred over another until it fails or has performance issues like packet loss and latency.
https://docs.opnsense.org/manual/multiwan.html

For question 2, in order for multiple boxes to share a WAN connection the circuits must be larger than a /30 (255.255.255.252) since you need to use 3x IP address (1x for service provider, 1x for opnsense1, 1x for opnsense2).  Assuming this is not a problem, you would simply create the same gateway group on each box where ONT is preferred until it fails which activates LTE.  Would look something like the attached.
Logged

rodgers-95

  • Newbie
  • *
  • Posts: 2
  • Karma: 0
    • View Profile
Re: Is this HA config possible ?
« Reply #2 on: February 07, 2023, 07:32:32 pm »
Hello,

I have almost the same configuration (with ADSL and PPPoE connection instead of LTE) and it is possible. However, I currently have a little problem with the use of ONT because I don't have a router upstream (https://forum.opnsense.org/index.php?topic=32377.0)
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • English Forums »
  • High availability »
  • Is this HA config possible ?
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2