Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    VHIDs with two CARP HAs in the same LAN network?

    HA/CARP/VIPs
    3
    5
    127
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      NSuttner last edited by

      Hello,

      i've a pfSense CARP HA with 2 netgate XG-7100 machines and it's own internetline in our datacenter running without any problems! Last week i have installed a new CARP HA with 2 netgate XG-7100 and a separate internetline. The old and the new CARP HA were connected via a dark fiber line on the LAN interfaces side!

      If i set the same VHID 2 or a other on the new CARP HA for LAN VIP, then the complete LAN network get into a crisis!!!! If i only let die machine in single mode, everything works fine! Any idea what is going wrong?

      Regards,
      Norbert

      viktor_g 1 Reply Last reply Reply Quote 0
      • viktor_g
        viktor_g Netgate @NSuttner last edited by

        @nsuttner Try to set unique VHID numbers for each HA pair

        N 1 Reply Last reply Reply Quote 0
        • N
          NSuttner @viktor_g last edited by

          @viktor_g Hi, you mean, for example all interfaces?

          Cluster1
          CARP Interface
          WAN@1 - VIP Address
          LAN@2 - VIP Address
          OPT1@3 - VIP Address

          Cluster2
          CARP Interface
          WAN@4 - VIP Address
          LAN@5 - VIP Address
          OPT1@6 - VIP Address

          Thanks and regards,
          Norbert

          Derelict 1 Reply Last reply Reply Quote 0
          • Derelict
            Derelict LAYER 8 Netgate @NSuttner last edited by

            @nsuttner The CARP MAC address is derived from the VHID. This also applies to VRRP on the same segment.

            You must use unique VHIDs on the same broadcast domain or you will experience MAC address collisions.

            N 1 Reply Last reply Reply Quote 0
            • N
              NSuttner @Derelict last edited by

              @derelict said in VHIDs with two CARP HAs in the same LAN network?:

              The CARP MAC address is derived from the VHID. This also applies to VRRP on the same segment.
              You must use unique VHIDs on the same broadcast domain or you will experience MAC address collisions.

              Hi, i will try it with unique VHIDs and let you know my results! Thanks for your fast help, regards Norbert!

              1 Reply Last reply Reply Quote 0
              • First post
                Last post

              Products

              • Platform Overview
              • TNSR
              • pfSense
              • Appliances

              Services

              • Training
              • Professional Services

              Support

              • Subscription Plans
              • Contact Support
              • Product Lifecycle
              • Documentation

              News

              • Media Coverage
              • Press
              • Events

              Resources

              • Blog
              • FAQ
              • Find a Partner
              • Resource Library
              • Security Information

              Company

              • About Us
              • Careers
              • Partners
              • Contact Us
              • Legal
              Our Mission

              We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

              Subscribe to our Newsletter

              Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

              © 2021 Rubicon Communications, LLC | Privacy Policy