CARP vhid: across interfaces?
Freddie Cash
fjwcash at gmail.com
Thu Jan 1 11:22:47 UTC 2015
There's a sysctl specifically for this. Not at my computer right now, but
the following should make it jump out at you:
# sysctl -d | grep carp
Cheers,
Freddie
On Jan 1, 2015 3:20 AM, "Aristedes Maniatis" <ari at ish.com.au> wrote:
> I have two firewalls built with FreeBSD 10.1 which are working nicely.
> Upstream I have two internet links, one going into each firewall. An IP
> address is shared between the two firewalls using CARP. Internally, we have
> another address shared between the firewalls, and set as the default
> gateway for all devices behind.
>
> So far, pretty simple. My question that isn't answered in the FreeBSD
> handbook is what to do with the vhid. If one of the external interfaces
> goes down I want everything to fail over to the secondary firewall. But
> that means the internal and external interfaces should fail over together.
> Should I be doing that by using a single vhid for all interfaces (does that
> bind them together to failover?), or by writing a script to detect the
> failover and then bring down the other interface?
>
> Thanks
> Ari
>
>
> --
> -------------------------->
> Aristedes Maniatis
> ish
> http://www.ish.com.au
> Level 1, 30 Wilson Street Newtown 2042 Australia
> phone +61 2 9550 5001 fax +61 2 9550 4001
> GPG fingerprint CBFB 84B4 738D 4E87 5E5C 5EFA EF6A 7D2E 3E49 102A
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>
More information about the freebsd-net
mailing list