What interface for Carp ?
-
Hi all
I try to build a cluster with pfsense(v 1.0.1). so i need to install carp following to the tutorial below (http://pfsense.iserv.nl/tutorials/carp/carp_cluster.htm) !!
But on the list of available packages, i do not have CARP ??? ???I have (for example) Dashboard , Lightsquid , OpenBGPD ,Zabbix Agent , ….. but not CARP!!
Please help :'( :'( :'(
-
That is a really old tutorial. A package is no longer needed for CARP.
Look at this instead: http://www.pfsense.org/mirror.php?section=tutorials/carp/carp-cluster-new.htm -
Ok, i have tried that link since this morning with IE7 but nothing appaears, i have a white window.
With firefox, it works ;D ;D ;D ;DThanks a lot 8)
-
Again .. !!
Here is what we have: Wan –- Dmz --- Lan On 2 Pfsense!
To build the cluster, should i have another card(opt2) on both pfsense or can i active it on the wan interface??
-
It is highly recommended to run a separate sync interface, but you can run it on an existing interface. I think it would be a better idea to use the LAN and not the WAN for sync if you did not have the fourth interface.
-
Never set WAN as your sync interface. Syncmessages are statemessages, so an attacker could send an openstate message and punch holes in your firewall this way. That's why you should usually run a dedicated sync interface. You also could set this up with vlans if the ports on your hardware are limitted. This would require a vlancapable switch then though. If you want to run it on one of the existing interfaces LAN is the safest zone to have it running on.
-
Ok, I think it is safer to buy a fourth card!! Thank for advices!! ;)