There's a sysctl specifically for this. Not at my computer right now, but the following should make it jump out at you:
# sysctl -d | grep carp Cheers, Freddie On Jan 1, 2015 3:20 AM, "Aristedes Maniatis" <[email protected]> wrote: > I have two firewalls built with FreeBSD 10.1 which are working nicely. > Upstream I have two internet links, one going into each firewall. An IP > address is shared between the two firewalls using CARP. Internally, we have > another address shared between the firewalls, and set as the default > gateway for all devices behind. > > So far, pretty simple. My question that isn't answered in the FreeBSD > handbook is what to do with the vhid. If one of the external interfaces > goes down I want everything to fail over to the secondary firewall. But > that means the internal and external interfaces should fail over together. > Should I be doing that by using a single vhid for all interfaces (does that > bind them together to failover?), or by writing a script to detect the > failover and then bring down the other interface? > > Thanks > Ari > > > -- > --------------------------> > Aristedes Maniatis > ish > http://www.ish.com.au > Level 1, 30 Wilson Street Newtown 2042 Australia > phone +61 2 9550 5001 fax +61 2 9550 4001 > GPG fingerprint CBFB 84B4 738D 4E87 5E5C 5EFA EF6A 7D2E 3E49 102A > _______________________________________________ > [email protected] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "[email protected]" > _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[email protected]"
