Master-Master Config
-
Hello,
we've 2 firewalls:
fw001
fw002I want to setup 4 carp ip adresses… 2 internal an 2 external. I want to do the following config
carp0 - extern 1
capr1 - extern 2
carp2 - intern 1
carp3 - intern 2I've disabled the sync of carp adresses. Then I've manually created on both firewalls the carp adresses.
fw001-->carp0--> adv Freq=0
fw002-->carp0--> adv Freq=100
fw001-->carp1--> adv Freq=100
fw002-->carp1--> adv Freq=0
fw001-->carp2--> adv Freq=0
fw002-->carp2--> adv Freq=100
fw001-->carp3--> adv Freq=100
fw002-->carp3--> adv Freq=0see also http://www.countersiege.com/doc/pfsync-carp/#configuration figure "Something bigger" but only with 2 servers.
Each firewall show 2 master and 2 backup carp adresses. Is this config possible or I'll get problems with pfsense?
Greetings
Thomas
-
Sorry, not supported. We only do master / backup.
-
I've your answer expected ;D but:
In CARP-Documentation is written that's possible.Is it not supported because it's not tested? Or is not working and I'll get problems? Is it technical (e.g. unsupported) possible to sync in both directions (fw001 <–> fw002).
I ask because I want share applications over two firewalls:
fw001: vpn, internet access,...
fw002: web hostings, dmz, ...If one firewall goes down then the other firewall run all.
Is it planned in future to support master-master?