[SOLVED] question about carp failover



  • Hello,

    i have a question in regard of carp failover cluster, i will take a simple example, i have two box with 2 connection on each (LAN and a WAN).

    i setup carp on the LAN and the WAN, and now i would like to know what happens if this scenario occurs:

    LAN1 interface on box1 go down, so traffic from lan subnet will go through the LAN2 connection on box2 and output by the WAN2 of box2.
    but the response will come back on the WAN1 interface since it is the master.

    but the problem is that box1 had never see the initializing packet coming from the lan subnet and will drop the response !

    thanks in advance for your help.



  • The whole point of CARP is to use a shared CARP address for both LAN and WAN. That way, if box 1 goes down, box 2 will take over the virtual IPs and states. pfSense is setup so that when the LAN dies on box 1 it will fail all of it's CARP addresses to box 2 (preemption).



  • @dotdash:

    The whole point of CARP is to use a shared CARP address for both LAN and WAN. That way, if box 1 goes down, box 2 will take over the virtual IPs and states. pfSense is setup so that when the LAN dies on box 1 it will fail all of it's CARP addresses to box 2 (preemption).

    hum it seems my pfsense dont do this, i must have miss something.
    i have setup a carp on WAN with a vhid 1 and a carp on LAN with a vhid 2.
    and if lan1 fail, lan2 on box2 take over the virtual ip and become the lan master but my wan1 connection still stay the master !

    does my config is wrong ?



  • ok i have found my problem, it is my fault i have not read well the tutorial.
    i have created the virtual ip manually on both the master and the slave and i think it was the problem, i must create the vip only on the master and they will be sync automatically on the slave.


Log in to reply