On 9/21/2011 9:55 AM, David Brown wrote: > Just to confirm what I'm looking for here, I would want to switch over > to the secondary if any of the NICs on the main system failed, or if the > main system itself failed. But it should not switch if interfaces such > as the VPNs fail. > > Realistically, it is probably the router computer itself (disk, cpu fan, > power supply) that will fail rather than the NICs.
The only interfaces that can trigger a failover are those with CARP VIPs configured upon them. If one interface with a CARP VIP goes down, the backup will take over all of the CARP VIPs. Relating that behavior to the NIC is not 100% correct really, since it's actually the CARP VIPs that go up/down and thus triggering the failover to the other box since all traffic should be flowing through the CARP VIPs. Anything that is tied specifically to one box or the other would not be affected by the failover, which is why everything should be using CARP VIPs for the gateway, outbound NAT, services, etc. Jim _______________________________________________ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
