Then the redundant IP should be on the carp interface
Are you going to use carp on the external (public) interface ?
In order to use failover, yes.
We are moving from single to dual 3.7 FW's with CARP. The external
interface has a lot of binated aliases and I am unsure if they are to go
into hostname.carpN or stay as they are in hostname.ext_if.
Like this?:
FW1:
hostname.ext_if
inet aaa.bbb.ccc.125 <netmask>
hostname.carpN
inet aaa.bbb.ccc.124 <netmask>
inet alias aaa.bbb.ccc.122 255.255.255.255
inet alias aaa.bbb.ccc.121 255.255.255.255
etc.
FW2:
hostname.ext_if
inet aaa.bbb.ccc.123 <netmask>
hostname.carpN
inet aaa.bbb.ccc.124 <netmask>
inet alias aaa.bbb.ccc.122 255.255.255.255
inet alias aaa.bbb.ccc.121 255.255.255.255
etc.
Sorry if I'm being stupid here...
