On Sun, Nov 02 2008 at 37:10, Rod Whitworth wrote: > On Wed, 29 Oct 2008 00:22:01 -0400, Steven Surdock wrote: > > >I've used the following for a while (naturally this assumes that the ISP > >link is delivered via some shared medium and not a point-to-point link) > > > >/etc/hostname.xxx0: > >up description "to ISP" > > > >/etc/hostname.carp0: > >inet 192.168.1.2 255.255.255.252 192.168.1.3 vhid 1 carpdev xxx0 > > > >-Steve S. > > > > > >> -----Original Message----- > >> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf > >Of > >> Rod Whitworth > >> Sent: Tuesday, October 28, 2008 11:49 PM > >> To: Miscellaneous OBSD > >> Subject: Deploying carp with limited global IPs > >> > >> In preparing for a possible carp redundacy setup for a client's border > >> router/firewall I have found no information so far as to whether it is > >> possible to have carp working where the link to the ISP is a /30. > >> > >> Every example I have found in presentations and tutorials has used 3 > >> IPs on a typical dual firewall setup. So they assume (all fictional > >> addresses here) something like 4.3.2.1 is the upstream router, with .2 > >> for the $ext_if in unit 1, .3 for $ext_if in unit 2 and .4 for the > >> carp0 in each. > >> > >> With a common enough point-to-point /30 link where upstream is .1 and > >> the firewall is .2, what can we use in hostname.xx0 in each of the > >> firewalls? No more IPs are available from the ISP apart from a routed > >> subnet that is expecting to arrive via .2. > > > > Sorry, but I don't get what your suggestion can do for the case I > proposed. > Maybe I'm dense. > Assuming my link is 4.3.2.0/30 the upstream router is 4.3.2.1 and I > have no choice but to use 4.3.2.2 as my $ext_if. How does that work > with your example? > > Thanks,
Did you look at ifstated ? I tryed it for 2 firewalls with 1 pppoe link. This setup didn't go on production but worked fine during tests. Claer
