Re: [pfSense-discussion] Problems with CARP VIP and layer 3 switch

[Chris Buechler]

On Wed, Apr 13, 2011 at 10:32 PM, Vinicius Coque vco...@gmail.com wrote:
 Hi

 I have two pfSense machines configured as cluster using carp, they are
 both connected to a layer 3 switch. There are about 10 different
 subnets configured on that and each client machine under these subnets
 use the switch as its default gateway, and then it routes the traffic.

 10.10.0.2            10.10.0.3
 ---          
 | pfSense |  -   | pfSense |
 ---          
          VIP 10.10.0.1
               \        /
                \      /
              -
              | switch |
              -
            /               \
          /                   \
 10.10.1.0/24     10.10.2.0/24

 The problem is that every time a configuration is changed, I can
 access the VIP with no problem from the same subnet of the pfSense
 machine (10.10.0.0/24), but for any other subnet the VIP becomes
 unreachable.


Some kind of routing issue it seems. Check the routing table on the
firewall when it doesn't work and verify it.

-
To unsubscribe, e-mail: discussion-unsubscr...@pfsense.com
For additional commands, e-mail: discussion-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Re: [pfSense-discussion] Problems with CARP VIP and layer 3 switch

[Vinicius Coque]

 Some kind of routing issue it seems. Check the routing table on the
 firewall when it doesn't work and verify it.


Hi Chris

I don't think it is a routing issue because I can access the VIP and
the pfSense lan IP from other subnets. When I change some
configuration on cluster just the VIP goes down, while the lan IP of
the pfSense boxes (10.10.0.2 and 10.10.0.3) are still available.

--
Vinícius Coque

-
To unsubscribe, e-mail: discussion-unsubscr...@pfsense.com
For additional commands, e-mail: discussion-h...@pfsense.com

Commercial support available - https://portal.pfsense.org