On Thu, Apr 17, 2008 at 9:00 PM, Chris Buechler <[EMAIL PROTECTED]> wrote: > On Thu, Apr 17, 2008 at 8:50 PM, Dimitri Rodis > <[EMAIL PROTECTED]> wrote: > > One last thing: > > > > Is there currently any way to *not* assign an IP directly to the WAN > > interface in a CARP config? > > > > No, not at this time. > > > > > Since the IPs assigned directly to the WAN can't be used in a failover > > situation (if I understand correctly), I would like to not have to use > > an extra public static IP to set up each CARP member. > > > > I was thinking that *maybe* if I just assigned an IP from a private > > address range to the WAN interface (obviously NOT an address I'm using > > internally on the LAN side), but actually used the correct subnet mask > > and gateway address for my public subnet, maybe it would work if I > > changed AON to NOT use the "default" IP on the WAN. Does that make > > sense? > > > > That won't work, CARP IPs must be within the subnet of an IP address > assigned to that interface. > > I believe carpdev addresses this, and I believe we have a patch for > this incorporated into our 1.3 builds, though I don't believe it's > been tested much if at all yet.
Be aware that even with the carpdev functionality that things that source from the firewall to the WAN won't work on the secondary until it's master. I think package installation is the main one, but consider that if you use an internet NTP server (the default config) that you won't get NTP, nor will you even be able to resolve the NTP server addresses. Just things to be aware of and to take into consideration when designing your network. --Bill --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
