Active active firewall pfsync

gullio

hi, i was wondering if i can setup 2 pfsense firewall in active-active state with quagga for upstream and downstream router.

my setup is:

internet    internet
    |      /      |
    |      /  \    |
edge r1    edge r2
    |                |
    |                |
pfsense1  pfsense2
    |      \ /    |
    |      /  \    |
l3 router  l3 router

i can achieve this setup with only 1 firewall without problems with quagga carp-pfsync, but on this setup 1 firewall become inactive. if anyone have suggestions or advice is welcome.

Thanks a lot
Giulio

podilarius

Check the comment by cmb.

http://forum.pfsense.org/index.php/topic,56863.msg303468.html#msg303468

gullio

Thanks for your advice, but only for reference. Can i switch carp master between 2 firewall? For example vlan100 firewall 1 master and vlan 200 firewall2 master?

Thanks a lot again
Giulio

podilarius

I don't think you can, but you can always try it and see. Post the results in here.