I have a simple network setup where my fiber optic cable connects to the GPON and the CAT6 cable from the GPON connects to an OpenWrt router. The OpenWrt router then connects to a switch, and the switch delivers internet to the Wi-Fi access point and my connected PCs.
Now I want to add a pfSense backup router from the same gateway so that the CAT6 cable from the GPON will connect to the managed switch using a VLAN, and both routers will also connect to the managed switch using a VLAN so that, if one router fails, I can have continuous internet. The managed switch will also distribute internet to other networking devices using a separate VLAN.
Maybe this sounds stupid, but I'm wondering if it is possible. If so, any guidance?
(https://i.ibb.co/x5sY5QV/Capture.png)
There are a few items you need to consider:
1. Will the GPON hand out addresses to both the OpenWrt and pfSense routers at the same time? Some ISPs limit customers to a single device, and if so you will not get any failover.
2. How do you plan on handling the inside-to-outside traffic flow? Assuming the OpenWrt router is the default gateway, how will the endpoints know to start using the pfSense router instead?
3. You will still have a lot of single points of failure, and this setup only protects you from a failure of the OpenWrt router. Whether that is worth it is up to you. I would probably not bother, and if I was having issues with the OpenWrt router I would just replace it instead of trying to add redundancy.
4. Understand that you will still take an outage on failover because the NAT and connection tables will end up blank.
-Otanx
Going with what Otanx said, the pfSense router may be more usable as a cold spare. For redundancy, I've seen setups where there's a business connection that has two inbound cables from the ISP or one cable each from a different provider, then the two are either set up with a link balancer tool or with a high-availability pair of identical firewalls/routers that have a heartbeat between them so that NAT and connection tables are maintained.