=====================================
High Availability
=====================================

OPNsense utilizes the Common Address Redundancy Protocol or CARP for hardware
failover. Two or more firewalls can be configured as a failover group. If one
interface fails on the primary or the primary goes offline entirely, the
secondary becomes active.

Utilizing this powerful feature of OPNsense creates a fully redundant firewall
with automatic and seamless fail-over. While switching to the backup, network
connections will stay active with minimal interruption for the users.

.. image:: images/light_bulbs.png
    :width: 100%

-----------------------------
Workflow
-----------------------------

Although it's not required to synchronize the configuration from the master machine to the backup, a lot of people
would like to keep both systems (partially) the same.

To prevent issues spreading over both machines at the same time, we choose to only update on command (see the status page).

Our workflow looks like this:

.. blockdiag::
    :desctable:

    blockdiag {
        update1 [label="Master\nUpdate 1"];
        update2 [label="Master\nUpdate 2"];
        updaten [label="Master\nUpdate N"];
        sync [label="Synchronize\nBackup"];
        update1 -> update2 ;
        update2 -> updaten [label=".."];
        updaten -> sync;
    }

First commit all changes to the master, then update the backup while knowing the master is still properly configured.

.. Note::

    In case of an emergency, you should still be able to switch to the backup node when changes cause issues, since
    the backup machine is left in a known good state during the whole process.

-----------------------------
Settings
-----------------------------

............................
Automatic failover
............................

If the primary firewall becomes unavailable, the secondary firewall will take
over without user intervention and with minimal interruption.

Virtual IPs of the type CARP (:doc:`/manual/firewall_vip`) are required for this feature.

............................
Synchronized state tables
............................

The firewall’s state table is replicated to all failover configured firewalls.
This means the existing connections will be maintained in case of a failure,
which is important to prevent network disruptions.

.................................
Configuration synchronization
.................................

OPNsense includes configuration synchronization capabilities. Configuration
changes made on the primary system are synchronized on demand to the secondary firewall.

............................
Configure HA CARP
............................

For a detailed setup guide, see: :doc:`/manual/how-tos/carp`

-----------------------------
Status
-----------------------------

The status page connects to the backup host configured earlier and shows all services running on the backup server.
With this page you can update the backup machine and restart services if needed.

.. Tip::

    .. raw:: html

         Use the refresh <i class="fa fa-info-refresh fa-fw"></i> button to update the backup node and restart all services at once.