[pfSense] Replacing a Linux router with pfSense
lists at pingle.org
Wed Sep 21 08:28:14 EDT 2011
> On Wed, Sep 21, 2011 at 5:13 AM, David Brown <david at westcontrol.com> wrote:
>> First, on the Linux system I have two hard disks, each with two partitions.
>> The first partition on each is set as a software RAID1 and contains the OS,
>> configuration, data, etc. The second partition on each is separate and
>> contains a squid cache. Thus the system will boot and run fine even if one
>> disk fails (losing half the squid cache will not be harmful). Can I do
>> something similar with pfSense? I know a great deal about Linux software
>> raid, but nothing about FreeBSD.
> FreeBSD does soft RAID, but I can't tell you the state of it in
> pfsense. Somebody here will chime in.
gmirror works great. I've been using it for years on pfSense with much
success. There is even a gmirror monitor widget for the dashboard.
On 9/21/2011 8:10 AM, Seth Mos wrote:
> On 21-9-2011 13:26, David Burgess wrote:
>>> I am seriously considering getting two pfSense boxes with CARP failover.
>>> Does this require identical hardware on the two systems (or perhaps
>>> identical network card setups)?
>> I don't think this is a requirement for CARP.
> This is not a requirement, however, if the master is gigabit make sure
> the backup has gigabit too.
The hardware doesn't have to be the same, but the number of assigned
NICs and the order in which they were assigned must be the same.
>>> How much information is passed over the
>>> link between the boxes - does it cover all setup, configuration,
>>> rules, dhcp
>>> leases, etc.? How often does this synchronisation take place?
>> Not sure.
> It synchronizes state for traffic failover, the rest is toggle boxes on
> the virtuall IP settings page. Leases are not transferred, static
> mappings are, you can do DHCP on both nodes with failover, see the DHCP
> settings page for that.
If you have DHCP sync checked and failover configured, the lease
databases should be synchronizing IIRC, it's just done by DHCP itself
and not by the XMLRPC sync process.
More information about the List