How to add a second virtual IP for CARP ????
-
First of all… hello everybody!!!!! :)
I am having an problem with CARP and i would like to ask for your help and/or feedback, please....
I have Firewall-A and Firewall-B working in HA with CARP perfectly! they have a virtual IP (CARP type) that works as a floating IP. So far so good...
If i want to add now a second IP floating IP address??? how do i do it?
i have tried to add a second CARP virtual IP and it works... but after a couple of hours, both virtual IPs.... the first one and the second i created stop working and no traffic can pass the fw!
am i doing right? does PfSense support 2 carp virtual IPs?? what is the correct to do it?
Thanks in advance!
Pedreter.
-
Are you setting up your firewalls as described here: https://doc.pfsense.org/index.php/Configuring_pfSense_Hardware_Redundancy_(CARP)? I setup a pair of firewalls with pfSense 2.1.4 with VIPs on the LAN and WAN interfaces without any trouble.
-
I don't believe you can add a second CARP IP to the interfaces. The simple configuration what is described in the book and in the online documentation seems to be the only one that works.
I tried to turn a CARP setup without a dedicated pfSync interface that didn't work either; actually it doesn't seem to fail from the start but sometime afterwards.
-
@secgeek: Don't know what you are trying to say, but it doesn't make sense.
@pedreter: we run a datacenter firewall cluster with HA and carp on multiple physical interfaces (6) with about a dozen VIPs on our second WAN link and minimum one on the remaining links (WAN, XFER, MGMT, etc.). No problem with that. Seems like a configuration issue to me rather than any problem with CARP or IPs.Greets
