Can't seem to be able to setup a WAN VIP for carp
-
Hi, everyone
I'm rewriting this post as nobody is giving me any answer.
I'm experimenting with CARP failover.
When i try to create a Virtual IP I get the error message "Sorry, we could not locate an interface with a matching subnet for 192.168.0.90/24. Please add an ip in this subnet on a real interface."
I have strictly followed the CARP tutorial
Details: I'm creating a CARP VIP for WAN / my pfsense router gets the address 192.168.0.136 from a DHCP on WAN side
If i understand correctly my VIP address WAN side should fall in the WAN subnet ( i.e. of type 192.168.0.X where X goes from 1 to 255)
What am I doing wrong ?
Many Thanks
Initial post
I'm seting up CARP failover with 2 Computers in my home lab.The setup is like this
1(Internet) -> 2(cable modem) -> 3(Dlink Router @ 192.168.0.1 with LAN Subnet 255.255.255.0 with DHCP) ->
4(2pfsense routers as DHCP clients WAN Side [192.168.0.136 & 192.168.0.172] and DHCP server on LAN Side @ 192.168.1.1 and .2 with subnet /24)When I go to create a WAN VIP for CARP I get the message "Sorry, we could not locate an interface with a matching subnet 192.168.0.10" or .x or wathever
I fail to understand why ?
Isn't my WAN VIP address suppose to fall in the WAN Subnet?What is wrong please help
Franck
Edit:
In the process of setting up CARP….When I create a VIP for WAN CARP using an IP within my WAN subnet....
Example VIP = 192.168.0.90/24 on WAN = 192.168.0.X /24
I get "Sorry, we could not locate an interface with a matching subnet for 192.168.0.90/24. Please add an ip in this subnet on a real interface."
-
are the wan interfaces on each showing its pulling a /24 address? Try setting the wan addresses static so you can force the /24
-
Yes each wan interface is getting a /24 address in fact 192.168.0.136 & 192.168.0.177
I have tried with static address and yes the connection works
and I can also create my VIP
But what if my ISP only allocates his IP's from DHCP.
Regards
-
You can't do CARP with a DHCP WAN, only static IP.
-
Thanks, Jimp
Ok my VIP's are setup and I can ping them
Now a new issue. and a ?
In the process of setting up failover can I start by getting just one machine going. (second computer actualy off)
When I configure the pfsense dhcp to use the LAN VIP for as the gateway my LAN PC computer does not get an IP anymore !!!! why is that
Also Is there a way to issue a report that would show pfsense full setup.
Regards
-
It's not likely that is the cause of your not getting an IP. If you set a "failover IP" for DHCP but the secondary machine is not on, that will cause it to fail.
You can configure most of the CARP/sync/failover stuff with the secondary off, but the DHCP failover IP will cause issues.
-
Thanks Jimp,
Ok while setting up only one pfsense computer…
pfsense DHCP service stops working as soon as I redirect the DHCP gateway to the LAN VIP
I noticed pinging the LAN VIP from subnet PC works but pinging from pfsense /diag_ping.php reports 100% lossAlso the DHCP services reports this "Failover Group My State Since Peer State Since
"dhcp0" recover 2010/08/24 04:06:50 unknown-state 2010/08/24 04:06:50 "After re-reading Jimp's last reply I decide to rebuild my setup but (NOW USING 2 pfSense computers)
So now the failover seems to work... SO I move to tests
When I unplug the BACKUP I can get a DHCP adress
When I unplug the MASTER I can NO LONGER get a DHCP adressI rebuilt again the whole setup but SWAPPING the 2 computers
I get the same resultSo what is wrong here!?
-
Do you have the failover IPs set properly on both systems' DHCP settings?
On the primary, it should be the LAN IP of the secondary.
On the secondary, it should be the LAN IP of the primary.On 1.2.3, the DHCP settings do not sync.
-
Thanks Jimp,
Right on the spot…
