CARP not working? Why?

bompus

I followed the tutorial posted and everything is setup properly as far as I know.

Here is the setup:
I have 5 WAN IP's (x.x.x.98 - x.x.x.102)
that are NAT'ed to 5 LAN (y.y.y.y) IP's

WAN IP 1 x.98 goes to pfsense.1
WAN IP 2 x.99 goes to pfsense.2
WAN IP 3 x.100 goes to lan.10
WAN IP 4 x.101 goes to lan.11
WAN IP 5 x.102 goes to lan.12

pfsync seems to be communicating (properly?) as all rules got transfered to the backup from the master. I have a dedicated NIC in each pfsense box that is on its own network for communicating with pfsync.

Here is my Virtual IP setup:
x.x.x.100/32 (vhid 100)    CARP (WAN)
x.x.x.101/32        (vhid 101)    CARP (WAN)
x.x.x.102/32        (vhid 102)    CARP (WAN)
y.y.y.y.111/32 (vhid 111)    CARP (LAN)

Here is what I see in CARP status on pfsense.1 (master):
Interface    Virtual IP    Status
<blank>      x.x.x.100    <blank><blank>      x.x.x.101    <blank>carp2          x.x.x.102    MASTER
carp3          y.y.y.111    MASTER

Here is what is on pfsense.2 (backup):
<blank>      x.x.x.100    <blank>carp1        x.x.x.101    MASTER
carp2        x.x.x.102      BACKUP
carp3        y.y.y.111    BACKUP

pfsense.1 (master) ifconfig:
carp0: flags=49 <up,loopback,running>metric 0 mtu 1500
        carp: MASTER vhid 100 advbase 1 advskew 0
carp1: flags=49 <up,loopback,running>metric 0 mtu 1500
        carp: MASTER vhid 101 advbase 1 advskew 0
carp2: flags=49 <up,loopback,running>metric 0 mtu 1500
        inet x.x.x.102 netmask 0xffffffff
        carp: MASTER vhid 102 advbase 1 advskew 0
carp3: flags=49 <up,loopback,running>metric 0 mtu 1500
        inet y.y.y.111 netmask 0xffffffff
        carp: MASTER vhid 111 advbase 1 advskew 0

and pfsense.2 (backup) ifconfig:
carp0: flags=49 <up,loopback,running>metric 0 mtu 1500
        carp: BACKUP vhid 100 advbase 1 advskew 100
carp1: flags=49 <up,loopback,running>metric 0 mtu 1500
        inet x.x.x.101 netmask 0xffffffff
        carp: MASTER vhid 101 advbase 1 advskew 100
carp2: flags=49 <up,loopback,running>metric 0 mtu 1500
        inet x.x.x.102 netmask 0xffffffff
        carp: BACKUP vhid 102 advbase 1 advskew 100
carp3: flags=49 <up,loopback,running>metric 0 mtu 1500
        inet y.y.y.111 netmask 0xffffffff
        carp: BACKUP vhid 111 advbase 1 advskew 100

Does anybody have any clue what is wrong here? I am using "1.2.3-PRERELEASE-TESTING-VERSION built on Wed Feb 11 15:58:05 EST 2009" due to the need for some NIC drivers that are only in FreeBSD 7.1

I'm out of ideas and I've been at it all night. Let's hear the suggestions!</up,loopback,running></up,loopback,running></up,loopback,running></up,loopback,running></up,loopback,running></up,loopback,running></up,loopback,running></up,loopback,running></blank></blank></blank></blank></blank></blank>

GruensFroeschli

Here is my Virtual IP setup:
x.x.x.100/32    (vhid 100)    CARP (WAN)
x.x.x.101/32        (vhid 101)    CARP (WAN)
x.x.x.102/32        (vhid 102)    CARP (WAN)
y.y.y.y.111/32    (vhid 111)    CARP (LAN)

You have to set the correct subnetmask for CARP VIPs.
Since you have (x.x.x.98 - x.x.x.102) this would be /29

bompus

Actually, they are all set to /32 now and working fine. I had to reboot both boxes in order for it to finally work. Any reason why you can't configure this in realtime?

The main WAN IP is set to /24 though, which I believe is what makes it work with these individual IP's set to /32.. Make sense?

Thanks

GruensFroeschli

This doesnt really make much sense.
Set the subnet to what you actually have on the main WAN IP.