Carp with single wan ip

sirex

Since pfsense 2.2, i understand it's now possible to do CARP with only a single WAN IP.

Is that just a case of using a /30 subnet of rfc1918 addresses on the WAN interface of each pfsense router, and setting the CARP virtual IP to be the one assigned from the ISP ? Then using the auto outbound NAT mode ?

I've not had much luck on finding documentation on exactly how to do it, just lots on how to do it with multiple WAN IPs (which i don't have). Would greatly appreciate a blog post of something to point me in the right direction (hell, even an ascii diagram!).

dotdash

Works with some caveats. This thread among others has notes- https://forum.pfsense.org/index.php?topic=87546.0

sirex

aha. i searched for 'carp with one ip' not 'carp with 1 ip'. so close but no cigar !

Derelict

Any blog post or diagram should tell you to get a /29. That is how it is done. Anything worth HA is worth doing right, IMHO.

And you cannot use Automatic outbound NAT with CARP/HA. It must be manual to the CARP VIP is used there.