[talk] Who's built redundant pfsense setups?

Justin Sherrill justin at shiningsilence.com
Fri Dec 5 09:36:53 EST 2014


On Thu, Dec 4, 2014 at 2:34 PM, Sevan / Venture37 <venture37 at gmail.com> wrote:
>So I'd say buy a switch which actually supports STP/RSTP (not "loop protection" as per
> budget HP grear) & allows the configuration & VLAN's. that should be sufficient.

I have a pair of Netgate C2758 units, a 10m link through Time Warner,
and a 3m link through Windstream, and a single switch that acts as the
gateway for the company.  Looking at the docs, and going by what you
said, it appears I need:

2 switches talking STP
2 ports on each pfsense device to reach those two switches
1 port on each pfsense device to talk to each other, for pfsync.
1 port on each pfsense device to talk to the inside of the network.

I suppose I could eliminate that internal switch as the gateway for
the internal network, and point at the virtual IP for the pfsense
devices instead, to reduce complexity.



More information about the talk mailing list