I don't know if this question has already been answered. I have no idea how to search for it because I don't know the proper search term. I have tried googling to no avail. My problem is simple. Two pfSense routers, matched in every way, both set up in a failover scheme. One goes down, the other picks up the pace. I have only one internet connection. It is a simple cable modem, granting an IP address that is NOT part of a private scheme. Completely raw connection. How do I split the connection coming out of the modem? I do not wish to put another router between the two ends, as that would defeat the purpose of redundancy. I also do not wish to get another Internet connection, that is silly. As I read the workings of pfSense, only one router is doing any of the work in a failover scheme; the other router is just there to be an active backup plan. So, there is no IP address issues, as long as both routers are configured with the same stuff for the WAN side. Is this even possible within the laws of physics? Any help at all would be appreciated, thanks!
I am having a strange problem>>>
- Thread starter pfsense
- Start date
- Oct 25, 1999
- 29,552
- 429
- 126
VirtualLarry
No Lifer
- Aug 25, 2001
- 56,587
- 10,225
- 126
I'm really not sure how you would do this, unless your pfsense router cloned the MAC address of the WAN interface from the primary pfsense router to the secondary. Reason being that most consumer cablemodems bind to the first CPE MAC address they see on the wire (LAN) after they are powered on.
Most modems have more than 1 port. Just hook the backup to that. If it doesn't you are going to need to add a switch connecting routers and modem.
Follow this guide to setup the firewalls. You don't want them completely identical. They each need their own LAN IP. They will share a virtual IP.
https://doc.pfsense.org/index.php/Configuring_pfSense_Hardware_Redundancy_%28CARP%29
It should use a virtual MAC address for the routers as well so hopefully you don't run into any issue with the cable modem. Unless of course the ISP is also using VRRP and happens to have something with the same 00-00-5E-00-01-XX address that your pfsense routers pick in the broadcast range.
Follow this guide to setup the firewalls. You don't want them completely identical. They each need their own LAN IP. They will share a virtual IP.
https://doc.pfsense.org/index.php/Configuring_pfSense_Hardware_Redundancy_%28CARP%29
It should use a virtual MAC address for the routers as well so hopefully you don't run into any issue with the cable modem. Unless of course the ISP is also using VRRP and happens to have something with the same 00-00-5E-00-01-XX address that your pfsense routers pick in the broadcast range.
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes + WCL Discussion Threads
- Started by Tigerick
- Replies: 22K
-
News NVIDIA and Intel to Develop AI Infrastructure and Personal Computing Products- Started by poke01
- Replies: 384
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
Facebook
Twitter