Quick carp/default gateway question
I'm using a two node pf cluster for outbound web traffic. It's basically protecting 5 web servers. I have carp and pfsync running correctly I believe because it's showing the backup carp VIPs on the backup server.
Master LAN IP: 10.1.1.21
Secondary LAN IP: 10.1.1.22
Carped LAN VIP IP: 10.1.1.23
When I set up the first machine, I made the default route/gateway on all my webservers 10.1.1.21. Obviously if that server eats it, then they can't route out. So should I be setting the default route to 10.1.1.23, since that is held as a sync by the secondary?
Yes - you should use the CARP address for all traffic you want redundancy for.
The CARP (V)IP is held by which ever system is the master at the time.
Works like a charm. Thanks a bunch!