Hi all,
in the official CARP/pfsync faq here: http://www.openbsd.org/faq/pf/carp.html
I found an information, that suggests that it's possible to use CARP without
IPs attached to the physical interfaces used in a CARP group:
ipaddress
This is the shared IP address assigned to the redundancy
Henning, thanks for your quick reply.
Which disadvantages could this mode of operation have compared to the
classic mode with IPs assigned?
the backup node might not be able to reach the network on the carp if
Hmm... what does this mean to me..? To make it more precise - my setup looks
like
Hi again,
just to close this case I'd like to mention that my problems with this setup
were caused by some faulty pf.conf rules, which had not been adapted to the
cluster config beforehand, i.e. it works now. :)
Regards
Christoph
Physical NIC - trunk interface - vlan interface = physical
Hi all,
is there a standard or recommended way to keep the pf.conf on the CARP cluster
members in sync?
Thanks!
Regards
Christoph
--
Christoph Peus
Universität Witten/Herdecke
Bereich Informationstechnologie
Tel: +49 2302 926-212
Fax: +49 2302 926-44857
mailto:christoph.p...@uni-wh.de
Hi all,
thanks for all your input to my small question about how to keep the pf.conf
in sync!
I have to care for exactly one firewall cluster, so I would like to avoid
complex tools for this task. I will probably use rdist.
Have fun!
Regards
Christoph
Private Universit?t Witten/Herdecke gGmbH
Hi all,
I'm currently planning for a complete reorganization i.e. rewrite of a
historically grown pf.conf of about 300 rules. Up to now each and every rule
uses the quick keyword, which effectively turns the last match concept of
pf into a first match one. Does that make any sense?
Of course.. as
6 matches
Mail list logo
