Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    VHIDs with two CARP HAs in the same LAN network?

    HA/CARP/VIPs
    3
    5
    834
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      NSuttner
      last edited by

      Hello,

      i've a pfSense CARP HA with 2 netgate XG-7100 machines and it's own internetline in our datacenter running without any problems! Last week i have installed a new CARP HA with 2 netgate XG-7100 and a separate internetline. The old and the new CARP HA were connected via a dark fiber line on the LAN interfaces side!

      If i set the same VHID 2 or a other on the new CARP HA for LAN VIP, then the complete LAN network get into a crisis!!!! If i only let die machine in single mode, everything works fine! Any idea what is going wrong?

      Regards,
      Norbert

      viktor_gV 1 Reply Last reply Reply Quote 0
      • viktor_gV
        viktor_g Netgate @NSuttner
        last edited by

        @nsuttner Try to set unique VHID numbers for each HA pair

        N 1 Reply Last reply Reply Quote 0
        • N
          NSuttner @viktor_g
          last edited by

          @viktor_g Hi, you mean, for example all interfaces?

          Cluster1
          CARP Interface
          WAN@1 - VIP Address
          LAN@2 - VIP Address
          OPT1@3 - VIP Address

          Cluster2
          CARP Interface
          WAN@4 - VIP Address
          LAN@5 - VIP Address
          OPT1@6 - VIP Address

          Thanks and regards,
          Norbert

          DerelictD 1 Reply Last reply Reply Quote 0
          • DerelictD
            Derelict LAYER 8 Netgate @NSuttner
            last edited by

            @nsuttner The CARP MAC address is derived from the VHID. This also applies to VRRP on the same segment.

            You must use unique VHIDs on the same broadcast domain or you will experience MAC address collisions.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            N 1 Reply Last reply Reply Quote 0
            • N
              NSuttner @Derelict
              last edited by

              @derelict said in VHIDs with two CARP HAs in the same LAN network?:

              The CARP MAC address is derived from the VHID. This also applies to VRRP on the same segment.
              You must use unique VHIDs on the same broadcast domain or you will experience MAC address collisions.

              Hi, i will try it with unique VHIDs and let you know my results! Thanks for your fast help, regards Norbert!

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.