Topics tagged under "ha carp" | Netgate Forum

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

E

NAT 1:1 configuration in HA-CARP mode

Watching Ignoring Scheduled Pinned Locked Moved NAT nat carp ha carp
8

0 Votes

8 Posts

820 Views

E

@SteveITS said in NAT 1:1 configuration in HA-CARP mode: For your IP alias I think /32 is wrong: @viragomann said in NAT 1:1 configuration in HA-CARP mode: So there is something wrong with this IP or the CARP VIP, which you should troubleshoot. Check the logs for hints. Hooking up the IP alias on the CARP VIP is necessary for proper failover. If you just set it on the interface it can never failover to the secondary. Thank you both for your help!!! I've set up a new carp just for this type of 1:1 NAT situation and I'm doing a port forward.
F

Suricata on Backup PFSense give me alerts

Watching Ignoring Scheduled Pinned Locked Moved IDS/IPS suricata ha carp alerts
7

0 Votes

7 Posts

1k Views

S

@farazb59 The “stream” events ruleset seems to generate a lot of false positives. Consider just turning it off, which is what we do. Curious how any traffic goes through the secondary, if it hasn’t become master?
J

CARP interfaces work separately

Watching Ignoring Scheduled Pinned Locked Moved HA/CARP/VIPs ha carp
16

0 Votes

16 Posts

2k Views

D

@jakub_ Yes. The advertisements are sourced from the interface IP address and CARP MAC. Not sure why you are seen advertisements from both the primary (advskew 0) and secondary (advskew 100) there.