Date:      Wed, 30 Jul 2008 18:06:03 +0300
From:      Nikos Vassiliadis <nvass@teledomenet.gr>
To:        "Alexandre Biancalana" <biancalana@gmail.com>, questions@freebsd.org
Subject:   Re: carp+openospfd
Message-ID:  <200807301806.04141.nvass@teledomenet.gr>
In-Reply-To: <8e10486b0807300656j54a6fb31p65add890fd00bc8c@mail.gmail.com>
References:  <8e10486b0807292151wa67d464kfd906da08a2f8053@mail.gmail.com> <200807301239.59573.nvass@teledomenet.gr> <8e10486b0807300656j54a6fb31p65add890fd00bc8c@mail.gmail.com>

On Wednesday 30 July 2008 16:56:23 Alexandre Biancalana wrote:
> On 7/30/08, Nikos Vassiliadis <nvass@teledomenet.gr> wrote:
> > On Wednesday 30 July 2008 07:51:52 Alexandre Biancalana wrote:
> >  > Hi list,  (I already ask this on -net, but I get no answers)
> >  >
> >  >  I have two 100Mbit link (L2L, lan to lan) between the company and
> >  > our datacenter, on each side I have two redundant (pf+carp)
> >  > firewalls.
> >  >
> >  >  I configured one vlan for each 100Mbit link and used carp to do
> >  > the failover between machines on each side, the vlan interfaces are
> >  > configured without ip address (with Max's
> >  > carpdev patch), only carp interfaces have ips.
> >  >
> >  >  I want to use OpenOSPFD to distribute our internal routes and do
> >  > automatic failover+loadbalance of this two 100Mbit links.
> >  >
> >  >  This work ? Someone have a similar setup ? Any hints ?
> >
> > I think using OSPF and CARP on the same interface could have
> >  unexpected results.
>
> I see some examples

You get to have two ways to forward a packet to a destination.
One via CARP and one via OSPF. I think it's a possible source
of errors.

>
> >  I would use CARP on the "lan to lan" link to provide redundancy
> >  and load balancing. Do you have to use OSPF?
> >  That is, is there an OSPF domain in which you have to be part of?
>
> I use CARP for firewall redundancy on each side. I want to use OSPF to
> easily distribute routes on my networks, the failover and load balance
> of the links are a desirable plus.

So, there is an OSPF domain besides the four FreeBSD firewalls, right?

Could you provide your network's topology?
Is it something like:
LAN1----CLUSTER1====CLUSTER2----LAN2
where:
	CLUSTER1 = CARP(FW1, FW2)
	CLUSTER2 = CARP(FW3, FW4)
???

For example, in the above diagram you cannot load
balance the traffic, it will always go through the
same routers:
 FW1 and FW3 or
 FW1 and FW4 or
 FW2 and FW3 or
 FW2 and FW4.

It will of course failover in case of a FW failure.

> I would use CARP on the "lan to lan" link to provide redundancy
> and load balancing.

So, my suggestion above is false, at least with the current
CARP on FreeBSD.

Please supply more info about your setup,

Nikos


