CARP and NAT question

Matthew Grooms mgrooms at shrew.net
Tue Oct 8 15:20:42 UTC 2019


Hi Julien,

It's not clear why you are trying to assign multiple carp IP addresses to 
two different interfaces from within the same IP subnet. Are you trying 
to fail over a 2nd carp address or are you trying to improve 
throughput/redundancy? If you just want to fail over a 2nd carp address, 
assign a 2nd alias to your first interface. If you're trying to improve 
throughput/redundancy, assign both interfaces to a lagg and build your 
carp interfaces on top of that instead.

-Matthew

On 10/8/2019 8:48 AM, Julien Cigar wrote:
> Hello,
>
> I'd like to NAT outbound traffic from two different private networks
> through two different interfaces, with CARP on top. I have 4 public IPs
> available (193.x.x.89, 193.x.x.90, 193.x.x.91, 193.x.x.92).
>
> I have two redundant routers/firewalls running FreeBSD 12 with CARP and
> PF with the following: (1) which works well, but all traffic
> goes through the same interface.
>
> So I'd like to switch to something like (2), which will not work (lines
> 5 and 13 are not valid) and I'm wondering if I could use something like
> (3) ..?
>
> Thank you!
> Julien
>
> (1) https://gist.github.com/silenius/4f6173a9b6690292c2174ab3bb89d292
> (2) https://gist.github.com/silenius/da9be7e74e9861fa55f927d194e3e410
> (3) https://gist.github.com/silenius/b237565b0d181248ff80ea296e5537db
>

