Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 7 subscribers
  • Views 1009 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM Link Balancing/Failover with Same IP address

Josh Marchant

We have a main fibre leased line and an ADSL backup. Only one of these an be used at the same time, and they can both use the same IP address if not connected at the same time. 

I want to set up uplink balancing with the main link as active and the ADSL one as standby, but make it so that when the main link goes offline the standby one uses the same IP address that the active one does when its working. 

Can anyone advise some steps to achieve this?



This thread was automatically locked due to age.
Parents
  • 0

    The help file has been updated recently and is a pretty good thing to read if you haven't done so. Log into your UTM, go to the Uplink Balancing tab, then click on the '?' at the top of the admin page.  It will take you to the help file for it. 

    But basically, you would enable it, add your two lines respectively (active and standby), and in your edit scheduler, you have to assign 'weight' to the line, up to a value of 100.  The help file explains the values pretty good, but should be straight forward in the interface.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • 0 in reply to Amodin

    Thanks - I did read that before posting this and it is informative. The part I'm more asking about though is them both having the same IP. Will the system just allow this if I set them both up the same or not? Are there any steps required to ensure the active monitoring works if they both have the same IP? I.e if the standby one takes over the IP, how will it check that the active one is back online?

  • 0 in reply to Josh Marchant

    I am not 100% sure on this, but I am going to guess 'no'.  The interfaces most likely (99.9% sure) won't allow the same IP assigned to two interfaces.  I'm not sure what the reason is behind the identical IP but fail over activity is checked by the UTM and should switch back when it's back online.  

    I'd be more inclined to set up a second HA/Standby UTM in a VM if possible.  

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

Reply
  • 0 in reply to Josh Marchant

    I am not 100% sure on this, but I am going to guess 'no'.  The interfaces most likely (99.9% sure) won't allow the same IP assigned to two interfaces.  I'm not sure what the reason is behind the identical IP but fail over activity is checked by the UTM and should switch back when it's back online.  

    I'd be more inclined to set up a second HA/Standby UTM in a VM if possible.  

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

Children
  • 0 in reply to Amodin

    The main reason for wanting to keep the same IP is because remote users connect to a sub-domain that is pointed at it, so if the main line goes offline the remote users still need to be able to connect via the backup interface. 

    Would there be a better would of achieving this do you think?

  • +1 in reply to Josh Marchant

    You can accomplish this with a simple DNS A record, using either your own DNS or DynDNS services which are free and modifying your VPN a tad to match.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

Unfiltered HTML