RE: [pfSense Support] CARP Load balance

Wed, 06 Sep 2006 05:04:29 -0700 

> On 9/5/06, Bill Marquette <[EMAIL PROTECTED]> wrote:
> > Robert has about the _only_ legitimate use for this feature.  And an
> > interesting network layout to boot.  I suspect we don't allow for
> > duplicate VHIDs though which would be required to make this work.
> > Other than that, in his case, I'd expect that this should more or less
> > "do the right thing" - as long as he isn't planning on handling
> > inbound traffic :)
>
> Yes, our logic disallows indentical VHIDS.   I got sorta tired of
> people resuing VHID's and after the 3rd or fourth kernel panics
> appear.
>
> Scott

I accept that I have an unusual layout. In some ways it was based on the
CARP documentation so it is not a great surprise that it includes "about the
_only_ legitimate use for this feature". I am OK with the fact that what I
am doing is unsupported and my require me to do the odd hack each time I
upgrade.

If you wish I can do the following:-

Document the setup including the hack to get it to work (in case anyone else
wants to achieve the same)

PS I am already trying to find time to submit my changes for local RFC 2136
updates from the pfsense DHCP server to HEAD (the changes I did against RC2
failed miserably when applied to HEAD and as you know the window is closed
for inclusion in 1.0).

For info my carp setup is as follows:-

Firewall 1 WAN 10.0.0.3
# ifconfig
.....
carp0: flags=49<UP,LOOPBACK,RUNNING> mtu 1500
        inet 10.0.0.4 netmask 0xffffff00
        carp: BACKUP vhid 1 advbase 1 advskew 200
carp1: flags=49<UP,LOOPBACK,RUNNING> mtu 1500
        inet 10.0.0.4 netmask 0xffffff00
        carp: MASTER vhid 2 advbase 1 advskew 0

Firewall 2 WAN 10.0.0.5
# ifconfig
.....
carp0: flags=49<UP,LOOPBACK,RUNNING> mtu 1500
        inet 10.0.0.4 netmask 0xffffff00
        carp: MASTER vhid 1 advbase 1 advskew 0
carp1: flags=49<UP,LOOPBACK,RUNNING> mtu 1500
        inet 10.0.0.4 netmask 0xffffff00
        carp: BACKUP vhid 2 advbase 1 advskew 200

----Rob


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to