pfSense Gold Subscription

Author Topic: Question for failover in virtualization enviroment  (Read 2226 times)

0 Members and 1 Guest are viewing this topic.

Offline fastcon68

  • Sr. Member
  • ****
  • Posts: 593
  • Karma: +0/-0
    • View Profile
Question for failover in virtualization enviroment
« on: December 28, 2008, 03:08:53 pm »
I was wondering if it was possible to run two PS-Sense server in a virtual enviroment for redunancy?

                                      (OpenVPN - 192.168.32.X) \
                      (WIFI optional Interface - 192.168.31.1)\

                                                        /- FW1 (192.168.30.1)---------------------\
                                                      / (SNORT,IPSEC, OpenVPN, NAT services) -----\
Internal Network (192.168.30.x) -----<                                                                  > ---- (Single External IP)
                                                      \ (SNORT,IPSEC, OpenVPN, NAT services)------/
                                                       \- FW2  (192.168.30.2----------------------/

                                         (OpenVPN - 192.168.32.X) /
                      (WIFI optional Interface - 192.168.31.1)/

I am in the process of installing and configuring OpenVPN, and have other services.  I just want to add reducancy to my firewall so that I can upgrade one and or fail it over.  I just need some assistance with this.
RC

Offline YoMarK

  • Jr. Member
  • **
  • Posts: 44
  • Karma: +0/-0
    • View Profile
Re: Question for failover in virtualization enviroment
« Reply #1 on: January 07, 2009, 09:55:09 am »
You can use CARP in pfSense to create environments like this. Virtual or "physical" does not matter, so I think it's better to move this topic to another subforum.

Offline bilbus

  • Jr. Member
  • **
  • Posts: 78
  • Karma: +0/-0
    • View Profile
Re: Question for failover in virtualization enviroment
« Reply #2 on: February 05, 2009, 10:11:12 pm »
CARP is the easiest way to do it.

If you have 2 ESX 3.5 servers with a san, you can use HA (will restart the server on the second server automaticly if the firts fails)
You will still need to wait for the vm to reboot onto the second server.

ESX 4.0 has HA + FT (not out yet) In the same situation there is zero downtime for a failed vm. It runs two VMs at the same time (active and pasive) Anything that happens on the primary is mirrored to secondary. Looks very good!

Offline MattMeyer

  • Newbie
  • *
  • Posts: 23
  • Karma: +0/-0
    • View Profile
Re: Question for failover in virtualization enviroment
« Reply #3 on: February 06, 2009, 03:05:10 pm »
ESX 4 with HA/FT will only support some of the lastest CPUs though.  Intel Penryn and AMD Greyhound-based processors, as an example.

Offline bilbus

  • Jr. Member
  • **
  • Posts: 78
  • Karma: +0/-0
    • View Profile
Re: Question for failover in virtualization enviroment
« Reply #4 on: February 06, 2009, 04:37:09 pm »
really, hmm good to know, i did not read that.

Offline MattMeyer

  • Newbie
  • *
  • Posts: 23
  • Karma: +0/-0
    • View Profile
Re: Question for failover in virtualization enviroment
« Reply #5 on: February 06, 2009, 05:12:59 pm »
I just happened to run across this today during my beta testing of ESX 4.  It's going to be really sweet when I get CPUs that can actually do it.  The stuff in ESX 4 is unreal.  I cannot wait till it goes RTM.