PfSense with 2 CARP Trunks into Cisco L3



  • Hi everyone,

    I am baffled at this setup. I have VHID on physical NICs working with no problem (WAN, LAN, SYNCing). Past pfSense I want to have the trunk from the primary and the trunk from the backup go into a Cisco 3560 without "flapping". Something like HSRP on Cisco, but I cannot configure it, or I think I am missing something.

    Any comments or guides will be highly appreciated.

    Thank you



  • @vegaslaptop:

    Hi everyone,

    I am baffled at this setup. I have VHID on physical NICs working with no problem (WAN, LAN, SYNCing). Past pfSense I want to have the trunk from the primary and the trunk from the backup go into a Cisco 3560 without "flapping". Something like HSRP on Cisco, but I cannot configure it, or I think I am missing something.

    Any comments or guides will be highly appreciated.

    Does Cisco support CARP now?  If I recall correctly CARP was a response to HSRP/VRRP being proprietary, and Cisco not being willing to make adequate commitments that it would be open and raising issues of a patent suit over it.  If that's still true, as I think it is, then there isn't any interoperable failover protocol.  See http://en.wikipedia.org/wiki/Common_Address_Redundancy_Protocol

    If you're seeing "flapping" on the trunk ports, this might be a spanning-tree-protocol issue, which normally affects bridged configurations into switches.  I don't know how VHID, CARP, and pfSync interact with STP so I'll let someone else speak to that; nonetheless, you might need to turn off STP on your trunk ports on the switch, if you know they're not going to bridge, to keep the switch from shutting one or the other down as a potential loop. (If they might bridge and loop, believe me, you're better off with it flapping.)
      – Clifton

