I have two separate buildings that are connected via fiber. Each location has their own Internet connection, perimeter firewall, and multiple internal firewalls (one internal firewall shown in picture for simplicity). If I connected the two intermediate switches together over the fiber link and add static routes on the perimeter firewalls for the internal firewalls in the other buildings, would that work to set up Internet redundancy or failover?
Hi Jeff,
Welcome to the forum.
Unfortunately this is something that ipfire does not support.
It is supported on other firewalls such as pfsense or devices such a tp-link load balancer/firewall.
It should be possible to do it using routing and scripts to determine if links are down.
As a down link could be just as simple as a cut or unplugged cable.
The other issue is to present a single ip as a master/slave setup using something like carp.
So that if one device becomes unavailable then the details are rerouted via second device.
Issue here is that firewalls will not hold state for current rules.
pfsense gets around this by syncing the states.
BR
Joe.
1 Like