Answer the question
In order to leave comments, you need to log in
M
M
Mikhail Blokhin2017-05-27 00:48:47
Mikhail Blokhin, 2017-05-27 00:48:47
What is the correct way to configure CARP for HA cluster on FreeBSD to route traffic between VLANs?
Good evening friends.
Actually, I will describe the problem that has arisen.
I have a server running FreeBSD that is used as the default gateway for 66 VLANs.
The network map looks something like this: client PC --> This FreeBSD server --> Router --> Internet.
A firewall is configured on the server to restrict access between VLANs and filter out unnecessary traffic.
It is necessary to ensure the fault tolerance of this server with the help of a spare server that would be in a cold standby.
My choice fell on CARP in conjunction with pfsync. Can you suggest the correct configuration for such a solution?
1 answer(s)
@mishablokhin
A
athacker, 2017-05-29 @mishablokhin
So what exactly is the question? The choice is correct, as a router, such a bundle will work perfectly. There is nothing specific, there are no pitfalls in setting up - do it according to the manual, and that's it.
The only point that I would probably make is that CARP and pfsync service traffic would be moved to a separate vlan, which is not present anywhere else on the network, only on the switch between these two servers. But in principle, this is not necessary, it will just be ideologically correct this way - it is less likely that enemies will be able to spoof CARP packets and break the bundle :-)
Similar questions
C
K
S
V
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question