ok.. I'll try.
I use the Google DNS IP as an example for my static public IP address.
fw1 carp0 8.8.8.8  ## (internet shared ip <--  lan)
fw1 carp1 192.168.1.1  ## (lan shared ip default gw)
fw1 carp2 10.1.1.1  ## (dmz shared ip)
fw1 bnx0 8.8.8.7  ## (internet)
fw1 bge0 192.168.1.2  ## (lan)
fw1 bnx1 10.1.1.2  ## (dmz)
fw1 bge1 192.168.254.1 ## (pfsync)

fw2 carp0 8.8.8.8
fw2 carp1 192.168.1.1
fw2 carp2 10.1.1.1
fw2 bnx0 8.8.8.6
fw2 bge0 192.168.1.3
fw2 bnx1 10.1.1.3
fw2 bge1 192.168.1.254.2 # (pfsync)

Now I want to add 8.8.8.10, a static public IP, to flow the traffic to the dmz,
because 8.8.8.8 flows traffic to the lan.
As I understand it, I have to add the following lines to the IF configuration files:

fw1 hostname.carp0:  inet alias 8.8.8.10 255.255.255.255. NONE
fw1 hostname.bnx0: inet alias 8.8.8.11 255.255.255.255 NONE

fw2 hostname.carp0:  inet alias 8.8.8.10 255.255.255.255. NONE
fw2 hostname.bnx0: inet alias 8.8.8.12 255.255.255.255 NONE

Is that right?


2017-02-28 15:07 GMT+01:00 Igor V. Gubenko <i...@gubenko.com>:

> It's not completely clear -
>
> 4) - is the IP 10.1.1.2 on a separate interface? What did you configure
> carp2 on?
>
> Can you restate your question and/or describe how you want the traffic
> to flow, as well as your network topology?
>
> - Igor
>
>
> On 2/27/17 6:07 AM, Frank White wrote:
> > hi,
> > I have 2 firewalls in a cluster with carp. The following is my configuration
> > (8.x.x.x are examples for wan ip):
> > first firewall
> > 1) bnx0 8.8.8.7 (internet)
> > 2) bge0 192.168.100.2 (lan)
> > 3) bnx1 pfsync
> > 4) 10.1.1.2 dmz
> >
> > carp0 8.8.8.8 (internet)
> > carp1 192.168.100.1 (gateway for the lan)
> > carp2 10.1.1.1 (gateway for the dmz)
> >
> > Now I want to add the ip 8.8.8.10 to redirect all traffic from it to the
> > dmz...
> > How should I configure it?
> > I know how to redirect the traffic with pf.. my question concerns how to
> > configure carp and the nic..
> > For example, should I create a new carp with ip 8.8.8.10 and an alias for
> > the bnx0 with ip 8.8.8.11?
