Add a backup router to the internet using a managed switch

Started by adhossain, February 06, 2024, 03:55:02 AM

adhossain

I have a simple network setup where my fiber optic cable connects to the GPON and the CAT6 cable from the GPON connects to an OpenWrt router. The OpenWrt router then connects to a switch and the switch delivers internet to the wifi access point and my connected PCs.
Now I want to add a pfSense backup router from the same gateway so that the CAT6 cable from the GPON will connect to the managed switch using VLAN and both routers will also connect to the managed switch using VLAN so that, if one router fails, I can have continuous internet. The managed switch will also distribute internet to other networking devices using a separate VLAN.
Maybe this sounds stupid but I am wondering if it is possible. If so, any guidance?


Otanx

There are a few items you need to consider:
1. Will the GPON hand out addresses to both the OpenWrt and pfSense routers at the same time? Some ISPs limit customers to a single device, and if so you will not get any failover.
2. How do you plan on handling the inside to outside traffic flow? Assuming the OpenWrt router is the default gateway, how will the endpoints know to start using the pfSense router instead?
3. You will still have a lot of single points of failure, and this setup only protects you from a failure of the OpenWrt router. If that is worth it is up to you. I would probably not bother, and if I was having issues with the OpenWrt router I would just replace it instead of trying to add redundancy.
4. Understand that you will still take an outage on failover because the NAT and connection tables will end up blank.

-Otanx

deanwebb

Going with what Otanx said, the pfSense router may be more usable as a cold spare. For redundancy, I've seen setups where there's a business connection that has two inbound cables from the ISP or one cable each from a different provider, then the two are either set up with a link balancer tool or with a high-availability pair of identical firewalls/routers that have a heartbeat between them so that NAT and connection tables are maintained.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Any questions? No questions! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.