Not enough vhids per ips, carp alias?
-
Has anyone done this?
I have 22 useable IPs in my /27, and 16 vhids assigned from my ISP. I would like to have CARP operating on all IPs. I thought it appeared to be possible in pfSense to add a network, say 212.121.212.184/30 (block of 4 IPs), in the Virtual IPs section, and to have CARP operate on the block, but I could not get this to work.
What are my options? Use the shell to alias CARP? (I already saw how to save these shell commands in the XML to reload after reboot.)
ifconfig carp0 alias vhid 1 pass testpass 212.121.212.184/32
Is this the best solution? Will this mess up any other pfSense web configuration like NAT/firewall rules?
Or am I going in the complete wrong direction and someone has the solution??
Many thanks,
Steve
-
I don't understand. Why can't you just add the CARP IPs individually? What does this mean:
@RedRocket: I have 22 useable ips in my /27, and 16vhids assigned from my isp,
Your ISP is assigning your vhids?
Anyway, as I understand it, CARP needs a unique vhid for each IP. The network mask, as it says, should be the actual netmask.
-
Yes, my ISP is assigning vhids. I am not sure what the normal practice is here; I do know, however, that if there is any fuckup with vhids on our network interfering with theirs or other clients, they will simply pull the plug on us.
As far as I can see, in FreeBSD you can alias them; it's a matter of me testing this. If the feature (or an alternative) was available in pfSense, that would be much better. I'm not sure how aliasing the IPs will affect other services pfSense is providing, such as NAT/firewall. I just need the time at work to sit down and set up a test.
As far as I can see from these links it should be possible:
http://readlist.com/lists/openbsd.org/misc/1/9687.html
http://synfulpacket.blogspot.com/2007/10/openbsd-carp-incorrect-hash.html
-
You must have one VHID per IP if you're running CARP. ifconfig alias IPs are not able to be used in a failover deployment.
Yes, my ISP is assigning vhids. I am not sure what the normal practice is here; I do know, however, that if there is any fuckup with vhids on our network interfering with theirs or other clients, they will simply pull the plug on us.
Doesn't surprise me, it's not a bad idea. They need to be willing to provide enough VHIDs though.
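
An added illustration, not part of any post in this thread: a small pre-deployment check of a CARP plan against the ISP-assigned VHID pool, applying the one-VHID-per-IP rule as stated above. It also prints the virtual MAC each VHID produces (CARP uses the 00:00:5e:00:01:<VHID> range), which is why a stray VHID can collide with a neighbour on the same segment. The pool 1-16, the sample plan and the choice of which 22 addresses are usable are constructed assumptions.

```python
import ipaddress

def carp_virtual_mac(vhid: int) -> str:
    """Virtual MAC for a CARP group: the last octet is the VHID."""
    if not 1 <= vhid <= 255:
        raise ValueError(f"VHID out of range: {vhid}")
    return f"00:00:5e:00:01:{vhid:02x}"

def check_plan(plan, assigned_vhids, subnet):
    """plan is a list of (ip, vhid). Returns (problems, {ip: virtual MAC})."""
    net = ipaddress.ip_network(subnet)
    problems, seen, macs = [], {}, {}
    for ip, vhid in plan:
        if ipaddress.ip_address(ip) not in net:
            problems.append(f"{ip}: outside {net}")
        if vhid not in assigned_vhids:
            problems.append(f"{ip}: VHID {vhid} is not in the ISP-assigned pool")
        if vhid in seen:
            problems.append(f"{ip}: VHID {vhid} already used by {seen[vhid]}")
        else:
            seen[vhid] = ip
        macs[ip] = carp_virtual_mac(vhid)
    return problems, macs

def uncovered(ips, assigned_vhids):
    """IPs left without a VHID when every IP needs its own."""
    return list(ips)[len(assigned_vhids):]

# Constructed sample data (assumptions, not values from the thread).
SUBNET = "212.121.212.160/27"
ASSIGNED_VHIDS = set(range(1, 17))   # assumed pool of 16 VHIDs
USABLE_IPS = [str(h) for h in ipaddress.ip_network(SUBNET).hosts()][:22]
SAMPLE_PLAN = [
    ("212.121.212.184", 1),
    ("212.121.212.185", 2),
    ("212.121.212.186", 2),    # duplicate VHID
    ("212.121.212.187", 40),   # outside the assigned pool
]

if __name__ == "__main__":
    problems, macs = check_plan(SAMPLE_PLAN, ASSIGNED_VHIDS, SUBNET)
    for ip, mac in macs.items():
        print(f"{ip} -> {mac}")
    for p in problems:
        print("PROBLEM:", p)
    left = uncovered(USABLE_IPS, ASSIGNED_VHIDS)
    print(f"{len(left)} usable IPs have no VHID available")
```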