• Can't Get Static IP's Working

    Locked
    6
    0 Votes
    6 Posts
    3k Views
    jimpJ
    I believe some people have gotten this to work by adding 5 vlan interfaces and setting them all for DHCP. I'd do a forum/docs search going down that route and see if you can turn up better results. I seem to recall it coming up within the past two weeks.
  • PfSense kernel panic in load-balancing/failover config

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • CARPDEV support on 1.2 ?

    Locked
    5
    0 Votes
    5 Posts
    3k Views
    B
    I have not given all the details: I have configured squid to bind on the LAN if. I have a real IP on the WAN (ip of class 88.xx.xx.12/24) and several VIP (ips of  class 93.xx.xx.0/24) I need the squid users to come out with one of the  VIP, by adding directive tcp_outgoing_address 93.xx.xx.10  in squid conf. How can I do  to do that? (I think I need carpdev to have VIP on virtual interface CARP) kind regards
  • Is there a decent carp failover how-to/tutorial?

    Locked
    6
    0 Votes
    6 Posts
    4k Views
    GruensFroeschliG
    You could put a dumb off-the-shelf router in NAT mode in front of the pfSense. Or if the modem supports that, reconfigure the modem. Basically put a static, private subnet in front of the pfSense.
  • Proxy ARP implementation

    Locked
    4
    0 Votes
    4 Posts
    5k Views
    M
    @GruensFroeschli: Are the additional IPs routed to your WAN? They are routed to my PPPoE address.  They are not configured on an adapter other than as virtual IP's. @GruensFroeschli: Are they all in use right now? The 8 IP Block is fully utilised via 1:1 NAT and are all working fine The 16 IP block is utilising 2 IP's at present.  1 is NAT, the other is configured as the live IP on the virtual linux system @GruensFroeschli: Do you have the public IP directly on the server? The only live IP configured is the PTP ip for my ADSL connection @GruensFroeschli: There are several ways to go at such a problem. Bridging VIPs –> The public IP on the pfSense, the internal servers have private IPs, traffic from the public IP forwarded to the private IP. routing You cannot use VIPs if you have the public IP directly on the server itself. Presently, VIP's and routing are accomplishing things for all the other IP's. The IP that is causing the issue is the virtual machine configured with the real world ip (no internal IP address allocated)
  • SNMP Graphing of Carp Virtual Interfaces

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Forcing FW failover, FW + Router configuration

    Locked
    12
    0 Votes
    12 Posts
    7k Views
    A
    I just experienced something similar (or same) while setting up two new 1.2.3 based embedded routers.  pfsync is working fine (over a dedicated interface) I created 3 vips (LAN,LAN2,WAN) in that order, vhid's: 1,2,3.  The interfaces would fail over separately - I unplug WAN, it fails over to router2, but LAN stays on router1, and obviously does not provide upstream connectivity. In desperation, I removed LAN2 and WAN vips, and recreated just WAN vip (LAN vhid:1, WAN vhid:2).  Now LAN+WAN seem to fail over together when WAN cable is pulled.  In fact, it all seems to work OK (except DHCP which I'll start a separate topic on) except that when we fail-back to router1, WAN VIP shows as "master" on both machines!  I have to do some more checking as to whether this is affecting anything, but it seems pretty strange.
  • MOVED: Dual WAN - two ISP testimonials

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • 1 Wan in DHCP and multiple CARP on LAN

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Master/Slave in 1.2.3-RELEASE

    Locked
    3
    0 Votes
    3 Posts
    2k Views
    T
    Thanks for your prompt answer. It is what I needed. Regards.
  • CARP IPs Broken

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Email feature when FW enters failover mode…..

    Locked
    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • CARP Load balancing

    Locked
    2
    0 Votes
    2 Posts
    4k Views
    J
    I note that we've been here before, I had a good read of: http://www.mail-archive.com/support@pfsense.com/msg07031.html Do we have an official stance on this ARP load balancing functionality now?
  • I need an IP on the wan if (vr0 not ng0)

    Locked
    4
    0 Votes
    4 Posts
    3k Views
    N
    http://doc.pfsense.org/index.php/How_can_i_access_my_PPPoE_Modem_on_WAN [/ quote] I've seen that, but so much time ago I used redir and it could just redir tcpp ports. and I need an udp redirect :( I read the readme from newest version and no mention of udp also thanks anyway :) none
  • Public IP in DMZ / Proxy ARP

    Locked
    2
    0 Votes
    2 Posts
    3k Views
    C
    You can bridge. Short of a routed subnet or NAT, that's your only option. Details in the book.  http://pfsense.org/book
  • CARP and squid

    Locked
    3
    0 Votes
    3 Posts
    3k Views
    C
    Only where the package itself supports it, a few of them do but not all.
  • When connecting Pfsense with Carp to the WAN the link fails

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    C
    Conflicting IP or VHID likely.
  • Fault tolerant colocation setup

    Locked
    2
    0 Votes
    2 Posts
    3k Views
    C
    @stevekez: Is the kind of setup I describe possible and if so what things do I need to look at when configuring such a thing? That's one of the most common types of setups I help our support customers deploy. Works great. My presentation from DCBSDCon covered this type of setup. http://www.youtube.com/watch?v=aElQidbWUxA The book has a lot of content that goes over things you need to consider here.  http://pfsense.org/book @stevekez: If there are problems with the above description (such as LAG not working between multiple switches, as I've already identified as a potential gotcha  :-[), [/quote] Only lagg with bonding (LACP, EtherChannel) tends to be a problem there. The failover mode is what people generally use for their servers between switches like that.
  • CARP/Redundancy with public /30 vlans

    Locked
    2
    0 Votes
    2 Posts
    2k Views
    C
    You need a /29 minimum per interface for CARP. The routed public IP scenario is covered in depth in the book. http://pfsense.org/book
  • Hundreds of VIPs: CARP or Proxy ARP?

    Locked
    6
    0 Votes
    6 Posts
    6k Views
    C
    @juliansomers: However, your reply troubles me somewhat: when you say don't use PARP with two firewalls, it won't failover properly and will cause problems. could you be more specific? What are the problems that I can expect, other than the PARP VIPs not being available on the slave firewall when a failover happens? That was assuming you put them on both firewalls. If you only put them on one it won't be a problem, but won't fail over either. The proper solution is to have your provider route the additional subnets to one of your CARP IPs, then you can use Other VIPs and will have proper failover.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.