PF - Carp and vhid limitations
Michael K. Smith - Adhost
mksmith at adhost.com
Wed Dec 5 12:05:39 PST 2007
Hello All:
I'm interested in using PF to front a web farm where there will be lots of static IP addresses for SSL affinity. As such, I expect to have many more than 255 CARP interfaces. But, as I understand it, I'm limited to 255 vhid's and I have to have a discreet vhid per CARP interface.
Is there a way to configure my CARP interfaces such that I can get around this limitation? Right now, I configure everything as:
ifconfig_carp5="inet 192.168.1.2 netmask 255.255.255.192 vhid 5 advskew 0 pass mypass"
ifconfig_carp6="inet 192.168.1.3 netmask 255.255.255.192 vhid 6 advskew 0 pass mypass"
and so on.
I'm wondering if there is a way to alias IP addresses in the same subnet "ifconfig_carp5_alias" or something similar. It seems like there is a reuse mechanism in OpenBSD because you can associate a carpdev to the entry, but I don't see that in FreeBSD.
Regards,
Mike
--
Michael K. Smith, GISP
mksmith at adhost.com
w: +1 (206) 404-9500 f: +1 (206) 404-9050
PGP: B49A DDF5 8611 27F3 08B9 84BB E61E 38C0 (Key ID: 0x9A96777D)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 474 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20071205/d590107c/PGP.pgp
More information about the freebsd-questions
mailing list