Dec 222014

I recently had some issues with my single pfSense VM crashing, bringing down the whole entire network with it.

I thought the problem was flakey hardware, so I setup a second pfSense VM…and that crashed too.
So I decided to setup pfSense in high availability mode with CARP. The only problem there being that I’m on ADSL, with a single modem to share between 2 pfSense servers.

After I followed the CARP Guide from pfSense, I’d end up with 2 PPPoE sessions open. One from each pfSense server.

The solution to that was to change the WAN interface configuration on the backup CARP node to be a dial-on-demand configuration, and by disabling apinger by disabling Gateway Monitoring. With this configuration, since the backup node has no traffic directed at it, the WAN link stays down until the primary CARP node goes down. Then, the backup node will establish a PPPoE session to the internet.