Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    CARP VIP + Routed Subnet to Carp VIP on PfSense 2.0.1-RELEASE

    HA/CARP/VIPs
    2
    3
    2.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nybble
      last edited by

      Hello,

      Apologies if this has already been asked and answered. I have read through a few threads but none seem to match the scenario I've got.

      Ok, so I have 2 pfsense in a CARP master/slave configuration.

      Box 1.
      Wan IP 1.1.1.5
      Lan IP 10.x.x.10

      Box 2.
      Wan IP 1.1.1.6
      Lan IP 10.x.x.11

      Both boxes share via CARP:
      Wan IP 1.1.1.4
      Lan IP 10.x.x.254

      I have a /27 block routed to the shared WAN IP 1.1.1.4.

      I know that if i was not in this failover configuration, I could just use ProxyARP on the WAN interface. However, I'm assuming that I need to run any of this off the "CARP VIP for 1.1.1.4". Anytime I attempt to add Proxy ARP, I am told that is not aloud. I'm cool with that. Attempted "IP Alias", which if memory serves (I'm not in front of the system at the moment), will not apply to the Carp VIP. I've attmped "Other", which has told me that the IP range I was trying to add was not presnt on any interfaces on the system.

      I think I'm doing something wrong here. But I'm not quite sure what I've missed.

      Any help would be appreciated.

      Thanks,
      John

      1 Reply Last reply Reply Quote 0
      • N
        nybble
        last edited by

        Ok,

        So I'm now in front of the system in question.

        Adding:

        Standard Parameter:
        -Selecting "Interface" which is my Primary IP via CARP. This is the IP that my additional block is routed to.
        -Block is 1.2.3.4/27

        Proxy Arp
        I get "For this type of VIP, a CARP parent is not allowed"
        I was expecting this. But tried for the sake of trying.

        CARP
        You cannot stack CARP interfaces.

        Other
        This article refers that I should use this.
        I get "For this type of VIP, a CARP parent is not allowed".

        IP Alias
        "Sorry, we could not locate an interface with a matching subnet for 1.2.3.4/27. Please add an ip alias in this subnet on this interface."
        Is that not what I was trying to do?

        I have a feeling the majority of the instructions I am reading on this are mant for 1.2.x and not 2.x.x of pfSense.

        Any help would be greatly appreciated.

        1 Reply Last reply Reply Quote 0
        • C
          cmb
          last edited by

          Just add Other type VIPs on WAN, not on CARP. They don't actually do anything other than filling in places in the GUI where you can pick public IPs.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.