BGP, CARP and assymetric routing

  • Hello,

    I have a setup with two pfsenses each with a BGP interface towards the "outside". They are set up with CARP failover.
    My question is whether the routing setup will cause assymteric routing issues. The setup with BGP makes it impossible to make sure that the TCP-packets are transmitted and received on the same interface which would make the stateful inspection difficult. Unless there is some magic in the pfsense that maches those packets. After all, they kind of know each other, and state information is transmitted between them using CARP.
    Is it necessary to allow assymetric routing in order for this to work or is there any other way?


Log in to reply