Hi,
sorry to hijack the thread, my question is not directly related, but
deals with same goal.
I have physical topology where datacentre has two carped firewalls,
while branch offices have single firewall each, with two uplinks:
isp2---em0
branchoffice1
datacenterA isp3---em1
em0
\ isp4---em0
carp0---isp1 INTERNET branchoffice2
/ isp5---em1
em0
datacenterB ispX---em0
branchofficeN
ispY---em1
I'd like to achieve two primary goals:
- each branch office has routes to both datacentre and all other branch
offices (OSPF?)
- each branch office uses em0 as primary link, fails over automatically
to em1 when em0 fails
I tried GRE tunnels from branch offices' both phsycal interfaces to
datacentres' carp interface, but this doesn't work (apparently gre is
not aware of carp and links go down when carp master changes). I din't
test two gre tunnels for each branch office's physical interface (one
to each carp member physical interface), as this seems too cumbersome to
maintain even if it worked.
Any advices?
Thank you in advance,
--
Before enlightenment - chop wood, draw water.
After enlightenment - chop wood, draw water.
Marko Cupać
https://www.mimar.rs/
