OVH Community, your new community space.

Adding a failover IP to ESXi Host


Tentacruel
18-06-2014, 13:25
Quote Originally Posted by Razakel
1) It's not actually possible with OVH.
2) When - not if - your pfSense VM goes down, you'd be screwed as you'd have no way to access any of the VM consoles.
Actually, with the old Kimsufi servers, with ESXi, you could enable IPv6, remove the IPv4 address, and manage only with IPv6. This allowed you to work around the one IPv4 address limitation with the Kimsufi servers and then use that as the pfSense "external" IP. You needed to clone the MAC of the Server to the pfSense interface to make it work, but it worked well, and the throughput was excellent.

I imagine you could do the same thing here (at your own risk of course) but you can modify the vKernel on the vSwitch and remove the IPv4 address that way.

But as said by Razakel, this would be a pretty silly idea, unless you are happy to manage with IPv6. My advice would be to use IPv4 if you can because when you have a server issue and you are on a network with no IPv6, you're screwed.

seantsang
13-06-2014, 08:22
Quote Originally Posted by Razakel
1) It's not actually possible with OVH.
2) When - not if - your pfSense VM goes down, you'd be screwed as you'd have no way to access any of the VM consoles.
I just couldn't agree with you more.
One more thing, when I turned to OVH/SYS support, they just kept sending me useless instructions about adding failover IPs to VMs.
That's quite annoying because they don't wanna understand my question and they just wanna close my ticket.

In conclusion, we still need pfSense to route so that ESXi could be reached via a failover IP? That's totally meaningless.
For ESXi, I just googled and found that IP alias is impossible for ESXi servers. Maybe it's the problem.

Razakel
12-06-2014, 21:03
Quote Originally Posted by seantsang
Thanks for your reply.
I don't understand why I can't remove the primary server IP from ESXi?
1) It's not actually possible with OVH.
2) When - not if - your pfSense VM goes down, you'd be screwed as you'd have no way to access any of the VM consoles.

seantsang
12-06-2014, 20:40
Quote Originally Posted by Razakel
You could add a failover IP to your ESXi host, but you can't remove the primary server IP from it - so you'd effectively be wasting one of your IPs. Even if you were to do that, when - and not if - your pfSense VM goes down, you'd be screwed.

What it sounds like you want to do is add all your failover IPs to your pfSense VM and use that to NAT to your other VMs.

To do that, you'll need to add your failover IPs to the virtual MAC for the pfSense VM, then add an internal-only network adapter to it. Add the same adapter to your VMs, set up pfSense as a gateway, configure the local IP addressing, set up NAT for any services on the VMs you want to expose and you're good to go.
Thanks for your reply.
I don't understand why I can't remove the primary server IP from ESXi?

It seems quite reasonable to allocate all failover IPs on pfSense since it's a firewall anyway and all other VMs should be behind it.
I was stuck at using failover IP to NAT VMs behind pfSense because the default pfSense wizard won't route LAN to WAN via failover IP.
I will try to use 1:N and 1:1 NAT and see how far I can go.

Sean Tsang

Razakel
12-06-2014, 18:16
You could add a failover IP to your ESXi host, but you can't remove the primary server IP from it - so you'd effectively be wasting one of your IPs. Even if you were to do that, when - and not if - your pfSense VM goes down, you'd be screwed.

What it sounds like you want to do is add all your failover IPs to your pfSense VM and use that to NAT to your other VMs.

To do that, you'll need to add your failover IPs to the virtual MAC for the pfSense VM, then add an internal-only network adapter to it. Add the same adapter to your VMs, set up pfSense as a gateway, configure the local IP addressing, set up NAT for any services on the VMs you want to expose and you're good to go.
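
The NAT layout described in this post, written out as a pf ruleset (pfSense is built on pf) as an added example that is not part of the original thread. Interface names and all addresses are constructed placeholders; in pfSense itself the same pieces are entered in the GUI (Firewall > Virtual IPs, then Firewall > NAT: Outbound, 1:1 and Port Forward).

```conf
# Constructed placeholders: RFC 5737 public range, RFC 1918 private range.
ext_if  = "em0"           # WAN vNIC; carries the virtual MAC the failover IPs are bound to
int_if  = "em1"           # vNIC on the internal-only vSwitch shared with the other VMs
lan_net = "10.10.0.0/24"  # local addressing behind pfSense (gateway 10.10.0.1)
fo_nat  = "203.0.113.10"  # failover IP shared by all VMs for outbound traffic (1:N)
fo_web  = "203.0.113.11"  # failover IP dedicated to one VM (1:1)
vm_web  = "10.10.0.20"
vm_mail = "10.10.0.30"

# --- translation -----------------------------------------------------
# 1:1 NAT: vm_web owns fo_web in both directions.
binat on $ext_if from $vm_web to any -> $fo_web
# 1:N NAT: every other internal host leaves via fo_nat.
nat on $ext_if from $lan_net to any -> $fo_nat
# Port forward: expose a single service on the shared failover IP.
rdr on $ext_if proto tcp from any to $fo_nat port 25 -> $vm_mail port 25

# --- filtering (runs after translation, so rules match internal IPs) -
block in log all
# binat maps every port of fo_web to vm_web; only these two are let through.
pass in on $ext_if proto tcp from any to $vm_web port { 80 443 } flags S/SA keep state
pass in on $ext_if proto tcp from any to $vm_mail port 25 flags S/SA keep state
# Internal VMs may reach the WAN through pfSense.
pass in on $int_if from $lan_net to any keep state
pass out all keep state
```

The 1:1 mapping translates all ports, so the default `block in` plus the explicit `pass` rules are what keep the rest of that VM's services off the internet.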

seantsang
12-06-2014, 13:30
Greetings,

I am new here and would like to seek some help.

I absolutely have no problem with assigning failover IPs to my VMs and have successfully configured a working pfsense VM to work as a VPN router.

However, I found it's kind of difficult to route my other VMs without public IP to WAN using the failover IP.
IE, to use a failover IP to NAT seems to be a bit complicated.

Therefore, I would like to preserve my principal IP and use a failover IP for my ESXi host instead.
So that my pfsense VM could use the IP that is within the same subnetwork as the gateway and act as a NAT server as well.

I know I can take away the IP from my ESXi and use a private IP or an IPv6 to connect.
However, I consider it's too risky to use a private IP because I have to keep my pfsense VM alive all the time.
Nor will IPv6 work because I don't have sufficient knowledge to play with it and none of my workstations are 100% compatible with IPv6.
(It's all Dutch to me: http://help.ovh.com/Ipv4Ipv6)

In short, all I need to know is how I can add a failover IP to ESXi??? Not adding failover IPs to VMs.
To add a failover IP to VM has been well documented in http://help.ovh.co.uk/bridgeclient

If it's a dupe, please forgive me and let me know the solution.
It has taken me approx. 48 hours of non-stop googling and found nothing about adding a failover IP to my ESXi server.

Help!! I think there are tons of OVH/SYS users in the same boat as me.

Any help would be deeply appreciated.

Sean Tsang