Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Upstream/ISP/other involved routers that properly respect the addresses used by CARP.

    Scheduled Pinned Locked Moved HA/CARP/VIPs
    4 Posts 2 Posters 612 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      reberhar
      last edited by

      I have been running High Availability with pfsense for several years now. It has been and continues to be a learning experience. I like it and so do my users. It is much more complex than it first appears.

      Recently my ISP double NATed my connection. Argh! I have the option of bridging the connection which I plan on doing. However, that means I need a router that properly respects the addresses used by CARP. This is more or less a quote in the pfsense documentation.

      https://www.netgate.com/docs/pfsense/highavailability/index.html?highlight=hardware%20redundancy

      I found out that that is not a given in routers pretty fast.

      The Arris modem handled this nicely, but bridging will eliminate that option.

      So I am router shopping. Quite honestly I am a little unsure what to look for in router brands and router specs. I have been researching the issue and said standards in between doing other things. I read how VRRP works because I was curious, and have been studying the multicast system that CARP uses. Some have suggested IOS and others have said that those routers might now work. I don't want to buy a stack of routers and try them out.

      So from the more experienced good folk out there I ask for suggestions.

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        Not quite sure why you need another router but I know for a fact Cisco IOS has zero problems with it. The problems with CARP are usually Layer 2. As far as another router and other Layer 3 devices go, they just have to properly honor the ARP responses for the CARP VIP.

        When looking at solutions, you might just want to ask about VRRP compatibility. If it works with VRRP it will almost certainly work with CARP. And fewer people will look at you cross-eyed.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • R
          reberhar
          last edited by

          Hi Derelict,

          I will only get one IP when I bridge, thus the need for the router for my server pair.

          Roy

          1 Reply Last reply Reply Quote 0
          • R
            reberhar
            last edited by

            Oh - Derelict, Thanks for pointing me in the right direction and warning me about the reaction I might get if I ask about CARP.

            reberhar

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.