I've used the following for a while (naturally this assumes that the ISP link is delivered via some shared medium and not a point-to-point link)
/etc/hostname.xxx0: up description "to ISP" /etc/hostname.carp0: inet 192.168.1.2 255.255.255.252 192.168.1.3 vhid 1 carpdev xxx0 -Steve S. > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Rod Whitworth > Sent: Tuesday, October 28, 2008 11:49 PM > To: Miscellaneous OBSD > Subject: Deploying carp with limited global IPs > > In preparing for a possible carp redundacy setup for a client's border > router/firewall I have found no information so far as to whether it is > possible to have carp working where the link to the ISP is a /30. > > Every example I have found in presentations and tutorials has used 3 > IPs on a typical dual firewall setup. So they assume (all fictional > addresses here) something like 4.3.2.1 is the upstream router, with .2 > for the $ext_if in unit 1, .3 for $ext_if in unit 2 and .4 for the > carp0 in each. > > With a common enough point-to-point /30 link where upstream is .1 and > the firewall is .2, what can we use in hostname.xx0 in each of the > firewalls? No more IPs are available from the ISP apart from a routed > subnet that is expecting to arrive via .2.
