Carp not working correctly on internal firewalls

scott4m

Hi,

I have 2 external Pfsense firewalls all working well and using CARP, however when i set up two more pfsense boxs inside the network when i add one CARP address, the system still works but when i add two CARP address's, it causes the network to slow and not work correctly.

The set up is as follows:

External CARP
                                                          xx.xx.xx.xx
                       WAN IP xx.xx.xx.xx                                 WAN IP xx.xx.xx.xx
                       LAN IP  10.10.1.21                                  LAN IP 10.10.1.22
                                                       Internal CARP
                                                         10.10.1.23

Web Server1      /      Web Server2

CARP 10.10.1.28
                         WAN IP 10.10.1.29                             WAN IP 10.10.1.30
                          LAN IP 10.11.1.1                                LAN IP 10.11.1.2
                                                     CARP 10.11.1.3

Internal Network

So as soon as i set up both CARP devices on the second set of firewalls this is when the problems start. I can nowever set up the one CARP address eg. 10.10.1.28 and this seems to work fine, its only when the second is added i get issues.

Thanks

scott4m

Figured out where i was going wrong on this - on the first set of firewalls i was using VHID 1 /2 and the same for the second internal firewalls, silly mistake - after setting the internal to VHID 3 /4 it is all working correctly. ;D