CARP not working on VLAN but works fine on LAN
-
Hi there,
I currently have 2 pfSense VMs set up on ESXi.
They have the following Interfaces setup.
WAN (2 Links to internet via a switch)
LAN (2 Links to our 2x Netgear M4300 Core switches)
HA (Plugged between the devices)
WAN2 (1 Link to a small 10mb Line for management)
VLAN20 (VLAN on LAN interface)
VLAN30 (VLAN on LAN interface)

CARP is showing the following on Gateway1
LAN@1 192.168.110.254/23 MASTER
WAN@2 64.XXX.XX.X/27 MASTER
VLAN20@3 192.168.120.254/24 MASTER
VLAN30@4 192.168.130.254/24 MASTER

CARP is showing the following on Gateway2
LAN@1 192.168.110.254/23 BACKUP
WAN@2 64.XXX.XX.X/27 BACKUP
VLAN20@3 192.168.120.254/24 MASTER
VLAN30@4 192.168.130.254/24 MASTER

Any ideas?
-
Have you activated the promiscuous mode on the virtual switches in ESXi?
-
Yes, I have. I just find it weird that CARP is working on the LAN interface, which the VLAN interfaces are bonded to, but not on the VLAN interfaces.
-
It is not clear that the two VLANs on the two nodes are on the same broadcast domain.
The LANs are, since they are connected to the switch.
Can the interfaces belonging to the same VLAN ping each other?
-
No, the two pfSense devices cannot ping each other.
-
@benrichardson_insync So this behaviour is expected. CARP interfaces must be on the same broadcast domain. The master sends regular advertisements to the backups.
See here for more details about the mechanism:
https://www.netbsd.org/docs/guide/en/chap-carp.html
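
Added example, not part of the thread: a small Python check that parses CARP status listings in the form posted above and flags any VHID where more than one node reports MASTER, which is what a node does when its peer's advertisements never reach it. The node names `gw1`/`gw2` and the function names are assumptions; the sample input is the status text from the first post.

```python
import re
from collections import defaultdict

# One status line as posted in the thread: "<IFACE>@<VHID> <VIP>/<MASK> <STATE>"
LINE_RE = re.compile(
    r"^(?P<iface>\S+)@(?P<vhid>\d+)\s+(?P<vip>\S+)\s+(?P<state>MASTER|BACKUP|INIT)$"
)

# Sample input copied from the thread's first post (WAN address redacted there).
GATEWAY1 = """\
LAN@1 192.168.110.254/23 MASTER
WAN@2 64.XXX.XX.X/27 MASTER
VLAN20@3 192.168.120.254/24 MASTER
VLAN30@4 192.168.130.254/24 MASTER
"""
GATEWAY2 = """\
LAN@1 192.168.110.254/23 BACKUP
WAN@2 64.XXX.XX.X/27 BACKUP
VLAN20@3 192.168.120.254/24 MASTER
VLAN30@4 192.168.130.254/24 MASTER
"""

def parse_status(text):
    """Return {(iface, vhid, vip): state} for every well-formed status line."""
    states = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # skip blank lines and anything that is not a status line
            states[(m["iface"], int(m["vhid"]), m["vip"])] = m["state"]
    return states

def check_cluster(nodes):
    """nodes: {node_name: status_text}. Return [(key, problem, {node: state})]."""
    by_vip = defaultdict(dict)
    for name, text in nodes.items():
        for key, state in parse_status(text).items():
            by_vip[key][name] = state
    findings = []
    for key, states in sorted(by_vip.items(), key=lambda kv: kv[0][1]):
        masters = [n for n, s in states.items() if s == "MASTER"]
        if len(masters) > 1:      # peers cannot hear each other's advertisements
            findings.append((key, "dual-master", states))
        elif not masters:         # nobody is answering for the virtual IP
            findings.append((key, "no-master", states))
    return findings

if __name__ == "__main__":
    for (iface, vhid, vip), problem, states in check_cluster(
        {"gw1": GATEWAY1, "gw2": GATEWAY2}
    ):
        print(f"{iface}@{vhid} {vip}: {problem} {states}")
```
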