Evaluasi Kinerja High Availability Firewall pfSense Menggunakan CARP pada Jaringan LokaL

Authors

  • Ade Frihadi Universitas Sains Indonesia
  • Silviana Windasari Universitas Sains Indonesia
  • Abdurohman Abdurohman Atma Jaya Catholic University of Indonesia

DOI:

https://doi.org/10.55606/jupikom.v5i1.6746

Keywords:

PfSense, High Availability, CARP, Firewall, Failover

Abstract

The availability of network services is a crucial factor in supporting organizational activities,
particularly in environments that rely on continuous network connectivity. Disruptions to firewall
devices can cause the entire network service to stop, as firewalls function as the central point for
security enforcement and traffic management. One solution to address this issue is the implementation
of a High Availability (HA) mechanism. This study aims to evaluate the performance of a High
Availability system on a pfSense firewall using the Common Address Redundancy Protocol (CARP) in
a local network environment. The research method employed is an experimental approach by
deploying two pfSense devices configured in a master–backup scheme. Testing was conducted by
simulating failures on the primary firewall and measuring network performance parameters, including
failover time, packet loss, delay, and connection stability during the service transition process. The
results show that the implementation of CARP on the pfSense firewall is capable of performing
automatic failover with relatively short service switching time and minimal network disruption.
Network connectivity can be well maintained, particularly for TCP-based services, indicating that this
High Availability system is effective in improving the reliability and availability of local networks. This
study is expected to serve as a reference for implementing pfSense-based redundant firewall systems
in small- to medium-scale network environments.

References

E. Tabaku and E. Duçi, “Optimizing High Availability in Educational Systems Using Xen Paravirtualization,” J. Educ. Soc. Res.,

vol. 15, no. 2, pp. 205–225, 2025, doi: 10.36941/jesr-2025-0054.

M. Tornatore, T. Gomes, C. Mas-Machuca, S. Ayoubi, E. Oki, and C. Assi, “Guest Editors’ Introduction: Special Section on

Design and Management of Reliable Communication Networks,” IEEE Trans. Netw. Serv. Manag., vol. 18, no. 3, pp. 2455–2459,

2021, doi: 10.1109/TNSM.2021.3103145.

C.-S. Chao, “Developing a Feasible Firewall System with Parallel Rule Allocation Optimization for High Service Availability

under Large-Scale Network Attacks,” in 2023 IEEE 5th Eurasia Conference on IOT, Communication and Engineering (ECICE), 2023,

pp. 56–60. doi: 10.1109/ECICE59523.2023.10383082.

F. P. E. Putra, M. Dafid, and I. Syafi’i, “Firewall Implementation as a Computer Network Security Strategy for Data Protection,”

Brill. Res. Artif. Intell., vol. 5, no. 1, pp. 291–297, 2025, doi: 10.47709/brilliance.v5i1.6162.

A.-D. Tudosi, D. G. Balan, and A. D. Potorac, “Secure network architecture based on distributed firewalls,” in 2022 International

Conference on Development and Application Systems (DAS), 2022, pp. 85–90. doi: 10.1109/DAS54948.2022.9786092.

A. I. Al-Darrab and A. M. A. Rushdi, “Multi-State Reliability Evaluation of Local Area Networks,” in 2021 National Computing

Colleges Conference (NCCC), 2021, pp. 1–6. doi: 10.1109/NCCC49330.2021.9428843.

N. R. Fattahilah, F. Nurfadila, and Y. Setiawan, “High Availability’s Implementation on the Fortigate Firewall Using SD-WAN

Zone and HA Cluster Active-Passive,” Indones. J. Multidiscip. Sci., vol. 2, no. 11, pp. 3937–3952, 2023, doi:

10.55324/ijoms.v2i11.622.

D. Kreculj, Đ. Dihovični, N. Ratković Kovačević, M. Gaborov, and M. Zajeganović, “pfSense Router and Firewall Software,”

pp. 132–137, 2023, doi: 10.15308/sinteza-2023-132-137.

V. Henriques and M. Tanner, “a S Ystematic L Iterature R Eview of a Gile and,” Interdiscip. J. Information, Knowl. Manag., vol. 12,

pp. 53–73, 2017.

R. Nur, Z. Saharuna, I. Irmawati, I. Irawan, and R. Wahyuni, “Gateway Redundancy Using Common Address Redundancy

Protocol (CARP),” IJITEE (International J. Inf. Technol. Electr. Eng., vol. 2, no. 3, p. 71, 2019, doi: 10.22146/ijitee.43701.

M. S. F. Ramadhan and Nendi, “Penerapan Redundancy Firewall Pfsense Menggunakan Metode Carp Dengan Pfsync Dan

Xmlrpc Sync,” J. Indones. Manaj. Inform. dan Komun., vol. 4, no. 3, pp. 1704–1713, 2023, doi: 10.35870/jimik.v4i3.394.

A.-D. Tudosi, A. Graur, D. G. Balan, and A. D. Potorac, “Automatic Directory Service Integration in Distributed Firewall

Resources: A Study of Scripting and LDAP Integration with pfSense,” in Advances in Digital Health and Medical Bioengineering, H.

N. Costin, R. Magjarević, and G. G. Petroiu, Eds., Cham: Springer Nature Switzerland, 2024, pp. 400–411.

M. Caprolu, S. Raponi, and R. Di Pietro, “Fortress: an efficient and distributed firewall for stateful data plane sdn,” Secur. Commun.

Networks, vol. 2019, no. 1, p. 6874592, 2019.

A. T. Azzam, R. Munadi, and R. Mayasari, “Performance analysis of firewall as virtualized network function on VMware ESXi

hypervisor,” J. Infotel, vol. 11, no. 1, pp. 29–35, 2019.

Cluster

N. R. Fattahilah, F. Nurfadila, and ..., “High Availability’s Implementation on the Fortigate Firewall Using SD-WAN Zone and

HA

Active-Passive,”

Indones.

…,

https://ijoms.internationaljournallabs.com/index.php/ijoms/article/view/622

2023,

[Online].

Available:

P. Alavian, Y. Eun, K. Liu, S. M. Meerkov, and L. Zhang, “The (α, β)-precise estimates of MTBF and MTTR: Definition,

calculation, and observation time,” IEEE Trans. Autom. Sci. Eng., vol. 18, no. 3, pp. 1469–1477, 2020.

P. SenthilKumar and M. Muthukumar, “A study on firewall system, scheduling and routing using pfsense scheme,” in 2018

International conference on intelligent computing and communication for smart world (I2C2SW), IEEE, 2018, pp. 14–17.

K. C. Patel and P. Sharma, “A Review paper on pfsense-an Open source firewall introducing with different capabilities &

customization,” IJARIIE, vol. 3, pp. 2395–4396, 2017.

D. Kumar and M. Gupta, “Implementation of firewall & intrusion detection system using pfSense to enhance network security,”

Int. J. Electr. Electron. Comput. Sci. Eng., vol. 1, pp. 1222–2454, 2018.

M. S. F. Ramadhan, “PENERAPAN REDUNDANCY FIREWALL PFSENSE MENGGUNAKAN METODE CARP

DENGAN PFSYNC DAN XMLRPC SYNC,” J. Indones. Manaj. Inform. dan Komun., vol. 4, no. 3, pp. 1704–1713, 2023.

R. Nur, Z. Saharuna, I. Irmawati, I. Irawan, and R. Wahyuni, “Gateway redundancy using common address redundancy protocol

(CARP),” IJITEE (International J. Inf. Technol. Electr. Eng., vol. 2, no. 3, pp. 71–77, 2019.

Downloads

Published

2026-02-28

How to Cite

Ade Frihadi, Silviana Windasari, & Abdurohman Abdurohman. (2026). Evaluasi Kinerja High Availability Firewall pfSense Menggunakan CARP pada Jaringan LokaL. Jurnal Publikasi Ilmu Komputer Dan Multimedia, 5(1), 273–281. https://doi.org/10.55606/jupikom.v5i1.6746

Issue

Vol. 5 No. 1 (2026): Jurnal Publikasi Ilmu Komputer dan Multimedia

Section

Articles

License

Copyright (c) 2025 Jurnal Publikasi Ilmu Komputer dan Multimedia

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.