I'm looking at implementing a new CARP setup for a couple of sites, but have a few questions before I dive in:
1. For two pfSense systems, is it confirmed that 3 IPs will be needed on each subnet/interface? My understanding is one IP per host, plus the 'floating' IP managed by CARP, for a total of 3. If this is the case, could a non-subnet specific IP (aka private) be used in the case where public nets are in play and address space is limited? 2. OpenVPN is utilized quite heavily, both in 'Road Warrior' mode, and site-to-site. I understand the road warrior connections will simply fail on CARP failover, then reconnect to the other system. However, on site-to-site connections, how does the failover work? I assume both pfSense boxen cannot be connected for the site-to-site VPN at the same time as that would cause routing issues. Will OpenVPN be 'activated' upon CARP failover to a host? Thanks for your input! --Tim _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
