One last thing: Is there currently any way to *not* assign an IP directly to the WAN interface in a CARP config?
Since the IPs assigned directly to the WAN can't be used in a failover situation (if I understand correctly), I would like to not have to use an extra public static IP to set up each CARP member. I was thinking that *maybe* if I just assigned an IP from a private address range to the WAN interface (obviously NOT an address I'm using internally on the LAN side), but actually used the correct subnet mask and gateway address for my public subnet, maybe it would work if I changed AON to NOT use the "default" IP on the WAN. Does that make sense? If there is currently no way, maybe a feature could be added such that you could choose one of the CARP IPs to be the "default" IP on the WAN interface to achieve this and have the rules work. Would that make sense? Of course, this might be moot if there's a way to do it already.. Thanks guys.. Dimitri Rodis Integrita Systems LLC -----Original Message----- From: Chris Buechler [mailto:[EMAIL PROTECTED] Sent: Thursday, April 17, 2008 5:32 PM To: [email protected] Subject: Re: [pfSense Support] 3-way CARP On Thu, Apr 17, 2008 at 8:24 PM, Dimitri Rodis <[EMAIL PROTECTED]> wrote: > So really the peer IP option is there for folks who don't have a > dedicated interface, so that the pfsync traffic doesn't flood the > network, is that right? > No, it's more for networks with switches that don't play nicely with multicast traffic. > So, in a 3-way config, do you always have to make configuration changes > on the "master"? Or can they be made on any of them? > you always have to make changes on the master. any changes made on any other machine will be overwritten. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
