OVH Gateway for Failover IPs

OVH have a very odd way of assigning failover IPs for dedicated and VPS servers. 

I run a pfsense firewall on my virtual platform and all the internet traffic runs through that. 

Firstly you need to generate a virtual MAC in the OVH control panel which you need to assign to the WAN interface of your pfSense box. 

Next you need to add the IPs to the alias list on you pfSense machine.

Now this is where things get interesting! You need to add a couple of routes to allow pfSense to get out to the internet at all. You will need the gateway of your primary dedicated / VPS IP address, this will probably be on a different subnet to you new failover IPs.  In this example I will use 111.111.111.111 as my primary IP and the gateway for this IP will be 111.111.111.254.

From the shell of your pfSense box type:

route add -net 111.111.111.254/32 -iface em0

route add default 111.111.111.254

Your pfSense box should now be able to see the internet. 

You will also need to add a rule to allow your pfSense LAN out to the internet. Within the pfSense webConfig go to 

Firewall -> NAT

Click on outbound. Set it to manual outbound and add a mapping:

Interface: WAN

Source: (this should be your LAN i.e. 192.168.1.0/24)

Leave the rest as defaults and save. This should now allow your LAN traffic out on to the WAN.

The routes we typed earlier will not survive a reboot, in order to fix this go to the plugins and download shellcmd. Once this is installed simply add the two routes we typed above into shellcmd plugin (Services -> shellcmd)