OPNsense Forum
Archive => 16.7 Legacy Series => Topic started by: romain on October 10, 2016, 08:55:01 pm
-
Hi,
I have few questions on how the carp protocol works.
Let's say I have two firewalls which are identical. 4 physicals network ports and 10 vlans on it.
I would like to configure one of my firewalls to be the master on each VLAN. So all the VIP will be actives on the master ? If I shutdown a vlan interface, the VIP goes directly on the backup but the whole firewall switch to the backup one.
I only tested the carp system with one interface and that was working great. I'm loosing only one ping.
Is this how carp work (active /passive) or is there a way to make active /active scenario ? For example 5 VIP will be active on the first firewall and the second part on the second one ? However in this scenario, how that NAT / routing works ?
Which are the criteria to switch to the backup ? If an interface goes down ? Is it possible to add a weight ? If I have the WAN that go down switch, but if I have the MGMT interface continue to work for example ?
Let me know if I'm not clear.
Thanks !