• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

What interface for Carp ?

Scheduled Pinned Locked Moved HA/CARP/VIPs
7 Posts 3 Posters 3.9k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • P
    pitabata
    last edited by Apr 16, 2008, 4:59 PM Apr 16, 2008, 1:03 PM

    Hi all

    I try to build a cluster with pfsense(v 1.0.1). so i need to install carp following to the tutorial below (http://pfsense.iserv.nl/tutorials/carp/carp_cluster.htm) !!
    But on the list of available packages, i do not have CARP  ??? ???

    I have (for example) Dashboard , Lightsquid  , OpenBGPD  ,Zabbix Agent  , ….. but not CARP!!

    Please help  :'( :'( :'(

    1 Reply Last reply Reply Quote 0
    • D
      dotdash
      last edited by Apr 16, 2008, 2:25 PM

      That is a really old tutorial. A package is no longer needed for CARP.
      Look at this instead: http://www.pfsense.org/mirror.php?section=tutorials/carp/carp-cluster-new.htm

      1 Reply Last reply Reply Quote 0
      • P
        pitabata
        last edited by Apr 16, 2008, 2:55 PM

        Ok, i have tried that link since this morning with IE7 but nothing appaears, i have a white window.
        With firefox, it works  ;D ;D ;D ;D

        Thanks a lot  8)

        1 Reply Last reply Reply Quote 0
        • P
          pitabata
          last edited by Apr 16, 2008, 4:59 PM Apr 16, 2008, 4:57 PM

          Again .. !!

          Here is what we have: Wan –- Dmz --- Lan On 2 Pfsense!

          To build the cluster, should i have another card(opt2) on both pfsense or can i active it on the wan interface??

          1 Reply Last reply Reply Quote 0
          • D
            dotdash
            last edited by Apr 16, 2008, 5:11 PM

            It is highly recommended to run a separate sync interface, but you can run it on an existing interface. I think it would be a better idea to use the LAN and not the WAN for sync if you did not have the fourth interface.

            1 Reply Last reply Reply Quote 0
            • H
              hoba
              last edited by Apr 16, 2008, 8:37 PM

              Never set WAN as your sync interface. Syncmessages are statemessages, so an attacker could send an openstate message and punch holes in your firewall this way. That's why you should usually run a dedicated sync interface. You also could set this up with vlans if the ports on your hardware are limitted. This would require a vlancapable switch then though. If you want to run it on one of the existing interfaces LAN is the safest zone to have it running on.

              1 Reply Last reply Reply Quote 0
              • P
                pitabata
                last edited by Apr 17, 2008, 10:07 AM

                Ok, I think it is safer to buy a fourth card!! Thank for advices!!  ;)

                1 Reply Last reply Reply Quote 0
                7 out of 7
                • First post
                  7/7
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                  This community forum collects and processes your personal information.
                  consent.not_received