first steps with HA: where to put VLANs?



  • Set up my second HA-cluster today … looks great.
    For the project I work on I will have to provide VLANs on the LAN side and I wonder how to set that up on a CARP-cluster.

    I could only assign VLANs to the LAN interface on the primary, is that OK?
    Do I have to do that manually on both nodes in a way?

    Any pointers? the pfsense book didn’t tell me much here.
    thanks in advance …



  • It’s just like physical interfaces- each pfsense box needs a unique IP on each vlan.
    e.g- vlan 10 192.168.10.2 primary 192.168.10.3 secondary 192.168.10.1 carp
    vlan 20 192.168.20.2 primary 192.168.20.3 secondary 192.168.20.1 carp
    On the switch side, both boxes would need to be connected to a vlan trunk carrying all the tagged vlans.



  • hm, I think I understand 😉 will try asap on my test boxes -> thanks!


  • Netgate

    New category, yo.


  • Moderator

    @sgw As you were guessing: create the VLAN(s) on both nodes of the cluster, setup a CARP VIP for that VLAN and just treat it like another physical “LAN” interface in any regard, then you’re good to go.

    Greets


 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy