Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
20.1 Legacy Series
»
HA Setup with multiple Public IP's - routing Problem
« previous
next »
Print
Pages: [
1
]
Author
Topic: HA Setup with multiple Public IP's - routing Problem (Read 1800 times)
c-mu
Full Member
Posts: 210
Karma: 5
HA Setup with multiple Public IP's - routing Problem
«
on:
March 15, 2020, 12:24:18 pm »
Hi,
I've got a few Public IP's and Configured them like this:
HA-Master: x.x.x.103
HA-Slave: x.x.x.250
All other IP's as CARP - IP Alias with VHID did'nt worked for me.
So my question now is about: I've got a few Port Forwards for the x.x.x.250 IP. But as long as my Master is... the master.. all requests are first going to my HS-Slave, becuase it is the Public IP of the slave, and my Service behind the .250 want to answer via default Gateway, wich is my Master - you see the problem? A valid connection cant be established. Is there a routing trick, that I did'nt see so far?
Is it Possbile the set the .250 as an other CARP address, even though that this is the public IP of the slave? My thought is, that the Master will then receive the .250 requests.
Thank you!
Logged
banym
Sr. Member
Posts: 468
Karma: 31
Free Human Being, FreeBSD, Linux and Mac nerd
Re: HA Setup with multiple Public IP's - routing Problem
«
Reply #1 on:
March 15, 2020, 02:38:40 pm »
Hi,
if you have configured the IP for Slave and Master fixed to the interfaces they are
NOT
part of HA-Sync.
Only CARP Adresses are synchronized and the Port forward will work after take over.
The Fixed addresses should only be used for direct access of each Box, not for services or Port-Forwards.
That means each box has a fixed WAN Adress not part of HA-Setup and in most cases each box has a fixed LAN Adress. Same here for LAN Addresses, they are not part of HA-Setup.
More detailed information:
https://wiki.opnsense.org/manual/how-tos/carp.html
Logged
Twitter: banym
Mastodon: banym@bsd.network
Blog:
https://www.banym.de
c-mu
Full Member
Posts: 210
Karma: 5
Re: HA Setup with multiple Public IP's - routing Problem
«
Reply #2 on:
March 15, 2020, 04:05:43 pm »
So in other words i should Set a private Addresse on the outside Interface and all Public addresses AS carp?
Logged
banym
Sr. Member
Posts: 468
Karma: 31
Free Human Being, FreeBSD, Linux and Mac nerd
Re: HA Setup with multiple Public IP's - routing Problem
«
Reply #3 on:
March 15, 2020, 04:58:21 pm »
No, I think you loose two public Addresses for the two Firewalls and the rest of the public IPs you can use as CARP.
Logged
Twitter: banym
Mastodon: banym@bsd.network
Blog:
https://www.banym.de
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
20.1 Legacy Series
»
HA Setup with multiple Public IP's - routing Problem