How to CARP WAN-subnet (/29)?
-
What do I have:
2.0-RC3 (amd64)
- internet speeds:
WANA - 120/10 Mbit (down/up)
WANB - 8/1 Mbit (down/up) - 1 subnet - xx.xxx.xxx.177/29
xx.xxx.xxx.177 = def. gw
xx.xxx.xxx.178 = smtp
xx.xxx.xxx.179 = www
xx.xxx.xxx.180 = …
xx.xxx.xxx.181 = ...
xx.xxx.xxx.182 = ...
CARP for all single-addressed interfaces (like WANA, LAN, DMZ, WIFI and PFSYNC) is no problem.
for example: WANA
fw1 has 192.168.201.11
fw2 has 192.168.201.12
shared CARP address is 192.168.201.10Router of WANA has 192.168.201.1 and forward everything to 192.168.201.10
How do I solve this of the subnet on WANB?
- internet speeds:
-
what do you want to set?
two default gateways or carp with less then 4 ips?
i did not understand what you want in wan2.
-
I want to CARP all my public IP's!
But if I want to do it with my own public addresses, I don't have any addresses left over the the services.
So I'll (think) need to route them first to private addresses.
-
If you have only 4 ips (router, carp, pfsense1, pfsense2) you may need to do nat at router and set your wan ips to invalid subnet.
If you can publish only the carp ip, you can redirect by nat or load balance your services.
-
correct. And don't forget the 1:1 NAT - CARP :)
I've now installed a 3rd pfSense to try to use it as a router-only config.
The only question for me is HOW to solve this problem with my public subnet.
-
Is this the right way to do it?
/- 192.168.202.11
xx.xxx.xxx.178 = 192.168.202.10 (VIP7)
- 192.168.202.12/- 192.168.203.11
xx.xxx.xxx.179 = 192.168.203.10 (VIP8)
- 192.168.203.12/- 192.168.204.11
xx.xxx.xxx.180 = 192.168.204.10 (VIP9)
- 192.168.204.12/- 192.168.205.11
xx.xxx.xxx.181 = 192.168.205.10 (VIP10)
- 192.168.205.12(where .11 is for fw1 and .12 for fw2)
