Testing pfSense High Availability with PingPlotter

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
okay so i just wanted to make a quick video about sort of the behind the scenes of pfsense high availability and what happens when the primary server goes offline and all the traffic is handed off to the backup server so we're going to use ping plotter and we're just pinging every second to google.com and as you can see here um it's been running for a while of several minutes and just to sort of give us a baseline that like yes occasionally there's you know some sort of weird you know increase in latency for whatever reason um but you know for the most part everything is solid and working and this ping plotter is actually using the uh the two virtual box the the two psense installs that that are running right here okay so so this computer is actually using these two uh pf sense installs for its internet connection all right so what we're gonna do is just shut down pfsense one and let the traffic get handed off to the psense2 and just see is it a two second delay five second delay ten second delay does it work at all uh do we lose internet connection you know until the master comes back online and uh i've got a video maybe two videos uh that describes sort of the high availability setup and how you get that all you know working and configured and um but real quick we'll just take a look at pfsense one and two and their current statuses so over here i've got pfsense1 the carp ips or the carp interfaces with the wan and lan ips are set for master and on pfsense2 right now those are backup okay so what should happen is if pfsense1 for whatever reason has a problem gets shut down whatever psense 2 should take over and become the master for the two virtual ips for the win and lan and ping plotter should really show kind of no big problem all right that's sort of what i'm expecting is we we may see a slight increase in latency for you know a second or two but we really shouldn't have this you know catastrophic failure of the internet because one server goes down so we'll go ahead and do uh the shutdown of pfsense one and i'm not gonna do anything you know crazy like you know simulate a cable being unpulled or whatever i'm just gonna shut it down i'm gonna see what would happen if the uh if the server just got you know shut down or the power went off whatever so six is halt system and yes we do want to halt it and um this is probably going to take well i don't know a few seconds to go ahead and and get offline but we'll just keep checking the status of pfsense2 here to see if uh to see if if it becomes master like it's supposed to so status car failover and it's master now all right so pf sense one is is shut down it's not online at all and pfsense took pfsense 2 took over and is now the master and there really wasn't you know anything noticeable on the client's end which is good that's what it's supposed to do right um so let's just make sure that pfsense2 is master and that psense one is not even accessible anymore let's refresh the page and yeah pfsense1 is not not responding all right so that's right um so now the question is what happens when psense one comes back online and psense two turns over the reins back to pf sense one is there a problem then so let's go ahead and boot up this and we'll see what happens and then after all this i'm going to shut both of them down just to prove that this pink plotter is actually using um these two psense installs as it's as this gateway as this firewall so uh so far everything looks good psense2 still master because psn1 still really is still finishing its boot and within the next few seconds it should be ready to go and let's just keep an eye on pink potter here okay so that probably is finished let's refresh this should go back to backup it did and we'll go back here probably to sign in again go back to the cart failover interface it's back to master and really no problems here so that's great and now what we'll do is see first what happens if you shut down pfsense2 which nothing should happen there there should be no problem right because it's not really changing anything but we'll just check and make sure we're going to cover all the bases here and just make sure that there's no weird odd things that happen like oh no when you shut down the backup the internet goes down for some reason and again ping plotter seems seems to be happy so we'll just put this here and um all right so pfsense2 should no longer be responding it's not and it's shut down and let's go ahead and shut down the essence one and the internet should go down with it there it goes and let's see how long it takes for the internet to die web interface is no longer accessible on psn2 for obvious reasons psense1 and uh oh we have a problem we have lost connection to google.com and it's like gee i wonder why so both the firewalls are turned off uh we have completely lost internet connection and um so to me that's sort of like just proving that you know i'm not trying to pull anything you know funny here so let's go ahead now and um let's do a test where we power up pf sense 2 first all right so we've had some sort of weird catastrophic problem we can only get the secondary firewall booted up so let's see what happens does it uh do what it's supposed to do does it take over so this is pfsense2 booting so a bit out of order but you would expect this to be able to at boot go ahead and recognize that psense one is not there and assume the role here we go and it looks like we're back online cool okay so we'll put this one back down here power up pf sense one and there should be both firewalls back to being booted up we can access the web interface and um we shouldn't really have a problem ideally if everything goes according to plan let's see psn2 should be available now the backup that means psn's one must have just taken back over it's back to master there we go everyone is happy the firewalls are happy the network is happy the customers are happy the clients are happy the servers are happy everyone's happy all right so that is basically just a demonstration of um you know what sort of is happening behind the scenes how does the network react and um you know what's going on like i said before i've got a video maybe even two videos on how to get this set up so if you're not really sure what is going on here with the uh the carp interfaces and the virtual ips and the the master backup relationship um then feel free to watch those um and that will give you a bit of a bit of uh a sense of what's going on here so um that's gonna do it for this video sorry it's so short but uh thanks for watching
Info
Channel: Rocket City Tech
Views: 599
Rating: undefined out of 5
Keywords:
Id: B6OmbppGI3E
Channel Id: undefined
Length: 10min 30sec (630 seconds)
Published: Sat May 16 2020
Related Videos
Load Balancing vs High Availability
edutechional
35K
RSAT Toolkit with Samba 4 AD Domain + DNS options
Rocket City Tech
11K
Security & Intrusion Detection With pfsense, Suricata, pfblocker and blocking what's missed
Lawrence Systems
68K
pfSense Transparent Squid Proxy, SSL Man In The Middle, Clam AntiVirus, and Windows Updates
Rocket City Tech
37K
NAT Port Forwarding in pfSense 2.4
Rocket City Tech
28K
pfsense and Rules For IoT Devices with mDNS
Lawrence Systems
94K
Implementing High Availability with PostgreSQL
Andrea Ross
17K
High Availability Architecture
Veritas Technologies LLC
55K
Firewall Comparison: Ubiquiti EdgeRouter / Ubiquiti UniFi USG / Untangle / pfsense
Lawrence Systems
113K
YAESU FT-891 RTTY Reception & Transceiver Control Software
Microelectronics Lab
51
Getting Started with Pacemaker - Linux High Availability & Clustering
Robert Thomas
59K
The End of Crypto?
The Agenda with Steve Paikin
1K
pfSense - LAGG, LACP, TRUNK
Rocket City Tech
14K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.