Quick carp/default gateway question



  • I'm using a two node pf cluster for outbound web traffic.  It's basically protecting 5 web servers.  I have carp and pfsync running correctly I believe because it's showing the backup carp VIPs on the backup server.

    Master LAN IP:        10.1.1.21
    Secondary LAN IP:  10.1.1.22
    Carped LAN VIP IP:  10.1.1.23

    When I set up the first machine, I made the default route/gateway on all my webservers 10.1.1.21.  Obviously if that server eats it, then they can't route out.  So should I be setting the default route to 10.1.1.23, since that is held as a sync by the secondary?

    Thanks much!



  • Yes - you should use the CARP address for all traffic you want redundancy for.

    The CARP (V)IP is held by which ever system is the master at the time.



  • Works like a charm.  Thanks a bunch!


Log in to reply