CARP ISP Routing Question
I have setup a failover cluster with 2 boxes using pfsync+carp. I read in the example documentation that all the machines behind each interface on the firewall should use the associated CARP address as their gateway IP. But the WAN routing confuses me a bit.
My question is this: On the WAN side I am using 3 static IP addresses from my ISP, one for the WAN interface on each box and one is the CARP IP. Which IP should the ISP route traffic through? Should they be using the master firewall IP, the slave firewall IP or the CARP IP address?
You want to use the CARP IP address. Otherwise the failover wont work. To do this you need to change your NAT. Go to Firewall > NAT. Switch to manual outbound NAT and edit the auto created rule. Change the NAT Address to your WAN CARP IP.
Ok that clarifies things. Thanks for the quick reply