[pfSense Support] CARP and BGP
Am I correct in assuming that CARP and BGP cannot work together - as CARP pushes private ip addresses ? - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] CARP and BGP
On Fri, Nov 13, 2009 at 9:13 PM, Glenn Kelley wrote: > Am I correct in assuming that CARP and BGP cannot work together - as CARP > pushes private ip addresses ? > CARP doesn't push private IPs, not sure what you mean by that, but it can work just the same as anything with public IPs. Though there are likely complications related to the BGP package in combination with CARP. Haven't tried it personally, not sure. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] CARP and BGP
Hello, On Sat, Nov 14, 2009 at 03:36, Chris Buechler wrote: > On Fri, Nov 13, 2009 at 9:13 PM, Glenn Kelley wrote: >> Am I correct in assuming that CARP and BGP cannot work together - as CARP >> pushes private ip addresses ? >> > > CARP doesn't push private IPs, not sure what you mean by that, but it > can work just the same as anything with public IPs. Though there are > likely complications related to the BGP package in combination with > CARP. Haven't tried it personally, not sure. It works fine, you have to configure openbgpd to use the carp-address using "local-address". You will still have a short interruption of service until the backup bgpd resyncs the session, but it is a lot faster than to manually reconfigure the routers... We have this running in prodution, feel free to contact me off-list for details. Regards, Aarno -- Aarno Aukia Atrila GmbH Switzerland - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] CARP and BGP
On Sat, Nov 14, 2009 at 4:53 AM, Aarno Aukia wrote: > We have this running in prodution, feel free to contact me off-list for > details. > Can people contribute these sample configurations for "how do I X" to the wiki? Having a lot of recipes on how to accomplish various scenarios is key to increasing adoption of the platform, and helps the project community grow and become stronger. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] CARP and BGP
Aarno Aukia wrote: Hello, On Sat, Nov 14, 2009 at 03:36, Chris Buechler wrote: On Fri, Nov 13, 2009 at 9:13 PM, Glenn Kelley wrote: Am I correct in assuming that CARP and BGP cannot work together - as CARP pushes private ip addresses ? CARP doesn't push private IPs, not sure what you mean by that, but it can work just the same as anything with public IPs. Though there are likely complications related to the BGP package in combination with CARP. Haven't tried it personally, not sure. It works fine, you have to configure openbgpd to use the carp-address using "local-address". You will still have a short interruption of service until the backup bgpd resyncs the session, but it is a lot faster than to manually reconfigure the routers... We have this running in prodution, feel free to contact me off-list for details. Regards, Aarno Could you explain how it works please? I have no questions about active(CARP) one but what about passive? bgpd on passive one will be continuously trying to connect to peer... using what source IP? Thanks, Evgeny. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] CARP and BGP
Hello Evgeny, On Mon, Nov 16, 2009 at 17:31, Evgeny Yurchenko wrote: > Could you explain how it works please? I have no questions about > active(CARP) one but what about passive? bgpd on passive one will be > continuously trying to connect to peer... using what source IP? The key is to use "local-address " and "depend-on carpX". This way the backup bgpd only starts connecting when carp has fail-overed (when the carp interface becomes active) using the carp address. Beware of asymmetric routing though if not using pfsync... -Aarno -- Aarno Aukia Atrila GmbH Switzerland - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
