Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    CARP, 1:1 NAT, multiple WAN subnets

    Scheduled Pinned Locked Moved
    HA/CARP/VIPs
    1
    3
    2.9k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      davidbrodbeck
      last edited by

      I've done a lot of searching and reading, but I'm not sure if what I want to do is possible.

      For IPv4 conservation reasons the campus network my WAN port is plugged into has two subnets; one publicly routable, and one for machines that only need to be accessed from elsewhere on campus.  I have machines with both types of addresses, routed through my pfSense firewall via proxy ARP and 1:1 NAT.  So far this all works fine.

      My question is, is it possible to make CARP failover work in a situation like this?  Can I switch the PARP IPs to CARP, or will this cause problems since they're not all on the same subnet?

      1 Reply Last reply Reply Quote 0
      • D
        davidbrodbeck
        last edited by

        So, I set up a test network and answered my own question: No, it doesn't work.  I can have multiple CARP IPs on an interface but they all have to be on the same subnet.

        1 Reply Last reply Reply Quote 0
        • D
          davidbrodbeck
          last edited by

          Also, found a gotcha with Virtual IP sync that's worth noting.  The sync doesn't work properly – the virtual IP appears on the slave, but in the CARP Status page it lacks a carp interface.  It won't function until you edit the virtual IP assignment (on the slave) and click Save without making any changes -- after that it functions.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post