On 11/17/10 13:15, Steven Surdock wrote:
-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of
Jeff Ross
Subject: Number of static IP addresses needed for CARP
...
I understand that I'll need to drop a small switch between the cable modem
and the redundant firewalls but what I don't understand clearly is how
many real, external static IPs I'm going to need. Page 120 of the Book of
PF 2 has a diagram that makes me think I'll need 3--carp0 on each firewall
gets the IP I have now, and the $ext_if on each firewall gets another
static IP each.
Three is nice, but only one on the CARP interface is necessary.
-Steve S.
!DSPAM:4ce441c269661107318431!
Thanks, Steve.
What can one then use for the IP addresses for the $ext_if of the
firewalls? In the example in the Book of PF2 I referenced before, the
carp0 address is 192.0.2.19, with 192.0.2.17 and 192.0.2.18 assigned to
the external interfaces of the firewalls. Ryan McBrides "Firewall
Failover with pfsync and CARP" linked to in the FAQ entry on CARP also
doesn't use routable IPs.
I don't think Bresnan is going to take kindly to me just grabbing a
couple of IPs next to my static IP.
If it really doesn't matter then *that's* the source of my confusion.
Jeff
