On Fri, Aug 04, 2006 at 02:45:00PM -0600, Tim Pushor wrote:
> Hi Joachim,
>
> Joachim Schipper wrote:
> >On Thu, Aug 03, 2006 at 02:26:40PM -0600, Tim Pushor wrote:
> >
> >>Well, after playing a little with trunk(4), etherchannel, and carp I am
> >>wondering something:
> >>
> >>Trying to achieve both firewall redundancy (via carp) and ethernet
> >>redundancy (via trunk(4)), would it be possible and (and maybe even
> >>recommended) to have firewall-1 connected solely to switch-1 and
> >>firewall-2 connected solely to switch-2, forgo the trunk(4), and just
> >>use carp to detect if either of the switches has failed, and fail over
> >>to the other switch/firewall combo?
> >>
> >>Am I making sense?
> >>
> >
> >I'm not entirely sure what you intend to achieve, but carp doesn't cross
> >switches (it works on the local Ethernet segment).
> >
> Really? I guess I don't understand enough about how carp works. I didn't
> see that as a limitation in any documentation that I read. Why exactly
> is this?
Well, turns out that *I* am the one who is being stupid here. I was
fairly uncertain after hitting send, but since nobody objected I thought
it might be correct after all.
ARP level load balancing, as it's called in the manual, does have the
above limitation (obviously). Straight CARP is an IP protocol, though,
and crosses routers just fine.
Sorry for the misinformation!
Joachim
