Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    RIP with CARP - unpredictable results

    Scheduled Pinned Locked Moved HA/CARP/VIPs
    5 Posts 3 Posters 2.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      ben_uk
      last edited by

      Hi,

      I've got a L3 switch in our lab with IPs routed to it - then I'm using 2x pfsense firewalls to protect some vlans. So It is convenient to use RIP to announce routes from the pfsense firewalls to the L3 switches.

      CARP is running between the two pfsense firewalls, and RIP is enabled on both.

      It all works - however, RIP can be somewhat unpredictable - as it doesn't seem to send the announcements from the virtual IP. So you end up with a situation with both primary and backup announcing routes - and either can end up being used. Which causes problems with the statefull firewall.

      Is there a particular way to use CARP with RIP?

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        It wouldn't work from our GUI, but it might be possible to edit /etc/gateways and get things going that way. I'm not too familiar with RIP at that level but the man page for routed(8) suggests you should be able to specify alternate gateway IPs there.

        Remember: Upvote with the đź‘Ť button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • B
          ben_uk
          last edited by

          In the end I just dropped the use of RIP. It was more problematic than just defining static routes on the L3 switches themselves.

          All it needs is for RIP to advertise via the CARP VIP - until that point, it will remain a non-option - as both firewalls are advertising the routes on their management addresses.

          1 Reply Last reply Reply Quote 0
          • T
            tmx
            last edited by

            I have the same plans…

            I like to have RIP enabled automaticly on the CARP Master only. I like to enable RIP by start the deamon in the rc.carpmaster and stop the deamon in the rc.carpbackup...

            How can i enable/disable and configure RIP by CLI / Script?

            1 Reply Last reply Reply Quote 0
            • T
              tmx
              last edited by

              /sbin/routed seems to be the RIP Deamon and the file /etc/gateways seems keeping the options per IF…

              can i start/kill RIP by using the rc.carpmaster/rc.carpbackup?
              would it work simillar to this example:
              http://community.spiceworks.com/how_to/show/25042-auto-start-stop-quaqqa-with-carp-in-pfsense

              Ive done the following manualy tests:
              scp the /etc/gateways from master to the slave, kill the routed PID on the Master, kill the master node, start /sbin/routed on the slave (new master) then checked the routing table on the new master...
              Works!

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.