One of the main selling points of incorporating pfSense into our networks is that it facilitates reliability. This is often expressed in terms of two components: redundancy and high availability. Redundancy is defined as the duplication of critical components. This can mean either passive or active redundancy—with passive redundancy, we incorporate excess capacity into a network, so that when a component fails, resources are still available. Active redundancy involves monitoring components and performing an automatic reconfiguration if a component fails. High availability means ensuring a specified level of operational performance over a period of time, for example, 99.9% uptime.

pfSense incorporates redundancy and high availability via multi-WAN setups, server load balancing, and Common Address Redundancy Protocol (CARP). Multi-WAN configurations allow you to have more than one outbound interface, either to aggregate multiple internet connections, or to guarantee that if one internet connection goes down, you still have internet access. Server load balancing allows us to set up a server pool, thus distributing the workload across multiple, redundant servers, and ensuring that as long as one of the servers in the pool is still online, the resource will be available. CARP is a way of ensuring that the firewall itself remains online even in the event of a catastrophic hardware failure. Such a configuration involves having two (or more) firewalls. The secondary firewall is inactive, but is ready to take over as soon as the primary firewall goes offline. We will consider all of these forms of redundancy and high availability in this chapter.