CARP failover - full 256 class behind /30 link ISP backbone - MY router - advice



  • HI all,
    The scheme is very simple, (just like the screen attached)

    I've got 2 machine, under Pfsense 2.0RC3.
    The goal is - CARP failover.
    problem is.
    /30 link class between ISP backone router - MY router.
    Behind MY router i can use my 256 class of address.
    ISP router - no access, ETH interface configure with /30 mask. (checked by change pfsesne Firewall eth address to /24 mask = no reply)

    What about to set
    IP address of WAN interfaces (on pfsense machines) to IP address in "link class" but changed mask to /24 (some kind of fake address)
    AND make CARP VIP address in that /30 router-gateway address to share between 2 firewall machines ?

    What will be the source IP address of WAN int talking to ISP router ?, CARP VIP address ?, or the real WAN address ?

    Give me a clue how to magane this ?




  • Let dsl router and pfsense work together.

    see how in:
    http://forum.pfsense.org/index.php/topic,35281.msg200865.html#msg200865


  • Rebel Alliance Developer Netgate

    You will need at least a /29 on WAN, each machine needs an IP in that subnet, plus the CARP IP. There isn't enough room in a /30.

    How it normally works is that you have the IPs as above, and your ISP routes your /24 to the CARP IP on your WAN.

    I'm not sure how much help that other thread might be in your case since I'm not sure how many, if any, modems like that could handle static routes. The modem would have to terminate the /30, you'd need a privately numbered subnet on the inside of the modem, and the modem would have to forward that /24 back to the CARP VIP in what is now your firweall's WAN subnet.


Locked