0

Behind an ISP router, I set up a firewall that includes (DHCP server, Squid, ClamAV, Light Squid, Snort, Port Forwarding, and OpenVPN), linked to an Ethernet switch.

3 PCs and a VoIP server (static address) are connected to that switch. I duplicated my firewall and added another ISP: if ISP-1 stops working somehow, I want my LAN to keep working through the other ISP.

I need some ideas on how to do redundancy in this topology. Thanks for your time.

[Image: topology]

Mr.Robot

1 Answer

1

Preferably, set up both uplinks on a single pfSense instance. As far as I can remember, it already has built-in functionality to test for gateway liveness and to automatically switch to a different WAN gateway.

Alternatively, use CARP (FreeBSD's VRRP equivalent) to set up a "virtual" IP address between both pfSense instances (to be used by your LAN devices instead of the "real" one), and script something to make the 'IAM' instance withdraw that IP address whenever it loses Internet access; I think I faintly remember this being built-in functionality in pfSense. (You probably don't need pfSync for firewall states, as all connections will be interrupted anyway when your external IP address changes.)

grawity
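The "script something" step of the CARP approach, sketched as an added example (not part of the answer above and not pfSense's own code): a watchdog that raises FreeBSD's CARP demotion factor after several consecutive failed WAN probes, so the peer firewall takes over the virtual IP, and lowers it again on recovery. It assumes `net.inet.carp.preempt=1` on both firewalls and a lower advskew on the peer; the probe addresses, thresholds and function names are placeholders chosen for illustration.

```shell
#!/bin/sh
# WAN watchdog for a CARP pair (illustrative; run as root on each firewall).
PROBE_TARGETS="${PROBE_TARGETS:-192.0.2.1 198.51.100.1}"  # placeholder upstream IPs
FAIL_THRESHOLD="${FAIL_THRESHOLD:-3}"   # consecutive failed rounds before demoting
DEMOTE_BY="${DEMOTE_BY:-240}"           # amount added to the CARP demotion factor
INTERVAL="${INTERVAL:-5}"               # seconds between probe rounds
fails=0
demoted=0

# Succeeds if at least one upstream target answers (FreeBSD ping: -t = timeout in s).
probe_wan() {
    for target in $PROBE_TARGETS; do
        ping -c 1 -t 2 "$target" >/dev/null 2>&1 && return 0
    done
    return 1
}

# FreeBSD adds the written (signed) value to the current demotion factor.
adjust_demotion() {
    sysctl net.inet.carp.demotion="$1" >/dev/null
}

# One probe round: demote once after FAIL_THRESHOLD failures, undo once on recovery.
check_once() {
    if probe_wan; then
        fails=0
        if [ "$demoted" -eq 1 ]; then
            adjust_demotion "-$DEMOTE_BY" && demoted=0
        fi
    else
        fails=$((fails + 1))
        if [ "$fails" -ge "$FAIL_THRESHOLD" ] && [ "$demoted" -eq 0 ]; then
            adjust_demotion "$DEMOTE_BY" && demoted=1
        fi
    fi
}

watch_wan() {
    while :; do
        check_once
        sleep "$INTERVAL"
    done
}

# Start the loop only when invoked as: watchdog.sh run
if [ "${1:-}" = "run" ]; then
    watch_wan
fi
```

Probing more than one target and requiring several failed rounds keeps a single dropped ping or one unreachable host from flapping the virtual IP between the two firewalls.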