Could be useful…....or not ;-)
As there are some hidden firewall rules I was asking myself if it shouldn't be useful to add special ones when using CARP. I'm thinking of NO NAT ones ;-)
When using CARP I see no reasons that CARP broadcasts (directed to 184.108.40.206) should be nated.
I "think" it should be useful to hard code a no nat rule per physical interface where a CARP interface is defined. For example :
no nat from <iface ip="">to 220.127.116.11
Am I wrong…..have you an example where natting the VRRP broadcast should be useful ?</iface>