Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
19.1 Legacy Series
»
Setting Up CARP on LAN facing interfaces only
« previous
next »
Print
Pages: [
1
]
Author
Topic: Setting Up CARP on LAN facing interfaces only (Read 3615 times)
s1rr10n
Newbie
Posts: 2
Karma: 0
Setting Up CARP on LAN facing interfaces only
«
on:
March 01, 2019, 02:27:59 am »
Hello,
I have two opnsense nodes installed on separate physical hypervisors as VM.
Each of them have their own LAN IP statically assigned. My ISP assigned their WAN IP via DHCP on each.
The documentation
https://wiki.opnsense.org/manual/how-tos/carp.html
mentioned I need to have both WAN and LAN in CARP.
Is it possible to enable CARP only on the LAN Interface (as this is the default gateway of my LAN)?
I do not need to have state synchronization. The goal is that if I need to do maintenance on the first hypervisor, the second gateway will take over and provide internet access to my LAN users.
Thanks!
Logged
mimugmail
Hero Member
Posts: 6767
Karma: 494
Re: Setting Up CARP on LAN facing interfaces only
«
Reply #1 on:
March 01, 2019, 08:21:26 am »
Sure, this will work, but how is WAN configured?
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
s1rr10n
Newbie
Posts: 2
Karma: 0
Re: Setting Up CARP on LAN facing interfaces only
«
Reply #2 on:
March 02, 2019, 01:59:27 am »
Hi,
Each Virtual Firewall have its own public IP assigned by my ISP.
When there is a failover, of course the LAN users active NAT sessions and mapping will drop and will need to reestablish, but that's not a big problem in this setup.
The bigger problem is that I found out the throughput drops by 50% when I use virtual IP. The same setup, when setting my PC to use the Physical IP of the firewall gives me near line rate 1 Gbps throughput. So I am sure this is not a resource issue.
Any idea what might be causing the throughput drop when using Virtual IP?
I searched around google and this forum and could find sporadically ppl having problems with this but no really concrete solution...
Logged
mimugmail
Hero Member
Posts: 6767
Karma: 494
Re: Setting Up CARP on LAN facing interfaces only
«
Reply #3 on:
March 02, 2019, 07:10:33 am »
You mean it decreased from 1000 to 500 but using the same uplink? Never heard of oO
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
19.1 Legacy Series
»
Setting Up CARP on LAN facing interfaces only