On Sat, Feb 17, 2007 at 07:06:25PM -0500, Scott Ullrich wrote:
> On 2/17/07, Eugen Leitl <[EMAIL PROTECTED]> wrote:
> [snip]
> >Please help me, Obi-Wan, you're my only hope.
> 
> Have you seen http://doc.pfsense.org/index.php/Setting_up_CARP_with_pfSense 

Thanks.

Yes. It doesn't seem to offer additional information beyond the tutorial.
My problem is that I need to run a pfSense CARP cluster as a router
for a public /24 network (no NAT, unfortunately no filtering bridge
either, because it doesn't work with CARP), which doesn't seem to be 
documented anywhere online. I probably just don't know what to search
for.

I *think* the lack of a dedicated SYNC interface is not fatal,
because I can sync either over WAN or LAN (I chose WAN, was that 
dumb? I'd rather not remove the private/bogon network blocking rule).

What I don't know is what to put into the LAN side. Right now my network
machines have only software firewalling, and just connect to the
gateway (85.10.225.1). I'd rather leave that untouched, because
it allows me to recover from a misconfiguration by bypassing the
firewall via redefining the switch VLANs. Can I put 
85.10.225.0/24 both into the LAN and the WAN, and leave the other
hosts as is?

Right now I'm probably just going to put the firewall cluster in
as is, and tinker remotely. If I can't make a failover cluster work,
I'll settle for a filtering bridge.

Anyone out there running a pfSense router for a public network
with a CARP failover cluster? If yes, how did you do that?

-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820            http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
