Author Topic: Giving CARP a try  (Read 116 times)

sirjorj
Giving CARP a try
« on: January 04, 2018, 03:57:14 pm »
The pfSense router I built a year ago has been fantastic so I decided to kick it up a notch - I built a second one identical to the first to see if I can get CARP working.  This is not an 'I absolutely need redundancy and zero downtime' situation - it is more of a 'I want to learn how this works and I think that not losing my Internet connection while updating a router would be pretty cool' scenario.

Having said that, I have a cable Internet connection and I know that my ISP will allow up to 5 dynamic addresses per customer.  I have a managed switch on which I put 4 ports on a separate VLAN for the WAN side - one for the modem, one for each router, and an extra just for good measure.  I see a post here that says that static IP addresses are required for CARP (though the wiki says nothing about that) but there is a workaround.  Could someone expand on that - maybe even on the wiki so others could easily access it?

I also have DynDNS giving me a hostname so I can connect to my home network via OpenVPN when I'm out.  I'm not sure how that would work - would DynDNS point to the shared IP address and the 'active' node would respond?

So is CARP an option for me?  Or do I not meet the requirements?

Thanks,
jorj

Derelict
Re: Giving CARP a try
« Reply #1 on: January 04, 2018, 04:12:34 pm »
CARP/HA is incompatible with dynamic addressing.

Get a static /29 from them instead and you'll be all set.