sorry to hijack the thread, my question is not directly related, but
deals with same goal.

I have physical topology where datacentre has two carped firewalls,
while branch offices have single firewall each, with two uplinks:

datacenterA                      isp3---em1
            \                    isp4---em0
           carp0---isp1 INTERNET         branchoffice2
            /                    isp5---em1
datacenterB                      ispX---em0

I'd like to achieve two primary goals:
- each branch office has routes to both datacentre and all other branch
  offices (OSPF?)
- each branch office uses em0 as primary link, fails over automatically
  to em1 when em0 fails

I tried GRE tunnels from branch offices' both phsycal interfaces to
datacentres' carp interface, but this doesn't work (apparently gre is
not aware of carp and links go down when carp master changes). I din't
test two gre tunnels for each branch office's physical interface (one
to each carp member physical interface), as this seems too cumbersome to
maintain even if it worked.

Any advices?

Thank you in advance,
Before enlightenment - chop wood, draw water.
After  enlightenment - chop wood, draw water.

Marko Cupać

Reply via email to