Adding OVH fail-over IPs to our pfSense 1.2.X configuration

This setting is only valid for pfSense 1.2.X configuration using routing instead of NAT like explained in this post. A version for pfSense 2.0 can be foundhere.

IP Fail-over

Fail-over IPs are IPs that you can assign to any host server you have with OVH. When the host fails, assign the IP to another host running the same service. This allow to guarantee continuity of the service !

The setting is very easy ! Remember my network schema I use for testing :

network schema

I will add a fail-over IP 192.168.168.2 to my WEB server running in 10.0.0.2 on the left. I just have to add one static route definition like this :

new route

Then I update firewall rules to handle this new address, but I have two ways :

  • First I can duplicate each entries about 10.0.0.2 in the OPT1 and WAN rule tab and replace the 10.0.0.2 by 192.168.168.2 in the new entry.
  • Or, my favorite one, I can use host aliases !

Using aliases

I create a webserver host alias and assign it both addresses : 10.0.0.2 and 192.168.168.2.

new host alias

Then I use the name webserver instead of IP 10.0.0.2 in all my firewall rules :

update firewall rules

Don't forget to add the new IP to your host

That's it

You will ask why I don't need to add a Virtual IP proxy ARP definition ! You are right we need one ! But I thing adding a route to one single host also create the proxy ARP inside the system itself. Linux is doing thing like that too. If you are scared you can add Virtual IP if you want.

Add new comment