* Kim Zeitler kim.zeit...@konzept-is.de [2014-07-25 11:19]:
we have a similar setup here, with only a /29 range of external addresses.
Until now, we have had no problems so far running this using only one
external carp IF (using a private IP) and adding all external addresses
as aliases. But
Hello Waldemar,
On 24.07.2014 17:44, Waldemar Brodkorb wrote:
Hi Peter,
Peter Hessler wrote,
if the addresses on the carp interface are out of sync, then the hashes
won't mash, and the firewalls *WILL* conflict with each other.
I recommend one IP per carp interface. Far nicer in case you
On 2014-07-24, Waldemar Brodkorb m...@waldemar-brodkorb.de wrote:
Hi OpenBSD hackers,
we like to use OpenBSD for our corporate firewall.
We have two appliances and want to setup carp and pfsync.
In the past I used this for a simple firewall connected to
a provider via dsl without a DMZ. This
On 2014-07-24, Peter Hessler phess...@theapt.org wrote:
if the addresses on the carp interface are out of sync, then the hashes
won't mash, and the firewalls *WILL* conflict with each other.
I recommend one IP per carp interface. Far nicer in case you screw that
bit up, and much easier to
Hi OpenBSD hackers,
we like to use OpenBSD for our corporate firewall.
We have two appliances and want to setup carp and pfsync.
In the past I used this for a simple firewall connected to
a provider via dsl without a DMZ. This worked fine and I know
how to configure it.
Now our firewall is used
if the addresses on the carp interface are out of sync, then the hashes
won't mash, and the firewalls *WILL* conflict with each other.
I recommend one IP per carp interface. Far nicer in case you screw that
bit up, and much easier to balance IPs to one system or the other.
On 2014 Jul 24
Hi Peter,
Peter Hessler wrote,
if the addresses on the carp interface are out of sync, then the hashes
won't mash, and the firewalls *WILL* conflict with each other.
I recommend one IP per carp interface. Far nicer in case you screw that
bit up, and much easier to balance IPs to one system
7 matches
Mail list logo