Hello,
I have a basic testing setup with four machines.
Code:
        -[FreeBSD 8.3 gateway 1]-
       -                         -
      -                           -
[Windows PC]              [FreeBSD 8.3 server 1]
      -                           -
       -                         -
        -[FreeBSD 8.3 gateway 2]-
I am testing CARP and port redirection. Gateway 1 and 2 have CARP interfaces.
gateway 1 rc.conf
Code:
cloned_interfaces="carp0"
ifconfig_carp0="vhid 1 pass PASSWORD 10.0.0.18 netmask 255.255.255.0"
ifconfig_igb0_name="wan0" # ISP
ifconfig_wan0="10.0.0.17/24"
gateway 2 rc.conf
Code:
cloned_interfaces="carp0"
ifconfig_carp0="vhid 1 pass PASSWORD advskew 100 10.0.0.18 netmask 255.255.255.0"
ifconfig_igb0_name="wan0" # ISP
ifconfig_wan0="10.0.0.16/24"
gateway 1 and 2 share the same pf.conf
Code:
## TRANSLATION RULES (NAT)
rdr on wan0 inet proto { tcp, udp } from any to wan0 port = 8822 -> 192.168.1.97 port 8822
## FILTER RULES
pass out log all keep state
pass in log all keep state
When I set server 1 with the gateway 10.0.0.18 (the CARP interface for gateway 1) I cannot ssh on port 8822 to server 1 from the Windows PC.
When I set server 1 with the gateway 10.0.0.17 (the actual interface for gateway 1) I can ssh on port 8822 to server 1 from the Windows PC.
This seems to say that the CARP interface is the issue.
I have read that FreeBSD does not have the ability to bind a CARP interface to a specific interface. Is this the problem?
ifconfig on the gateways shows an apparent bind to the loopback address.
Code:
carp0: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
	inet 10.0.0.18 netmask 0xffffff00
	carp: MASTER vhid 1 advbase 1 advskew 0
Any help always appreciated.
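
An added example, not part of the original post: a Python check that the two gateways' rc.conf CARP settings quoted above agree with each other. It assumes CARP peers must share vhid, pass and virtual address, and that on FreeBSD 8.x the virtual address must lie in the subnet of a physical interface address; the function names are hypothetical.

```python
import ipaddress
import re

# Constructed input: the rc.conf lines quoted in the post, one string per gateway.
GW1 = '''cloned_interfaces="carp0"
ifconfig_carp0="vhid 1 pass PASSWORD 10.0.0.18 netmask 255.255.255.0"
ifconfig_igb0_name="wan0" # ISP
ifconfig_wan0="10.0.0.17/24"
'''
GW2 = '''cloned_interfaces="carp0"
ifconfig_carp0="vhid 1 pass PASSWORD advskew 100 10.0.0.18 netmask 255.255.255.0"
ifconfig_igb0_name="wan0" # ISP
ifconfig_wan0="10.0.0.16/24"
'''

def parse_rc(text):
    """Return {variable: value} for the ifconfig_* lines of an rc.conf."""
    return dict(re.findall(r'^(ifconfig_\w+)="([^"]*)"', text, re.M))

def parse_carp(value):
    """Split a carp ifconfig string into keyword options and the virtual IP."""
    words, carp = value.split(), {"advskew": 0}  # advskew defaults to 0
    while words:
        w = words.pop(0)
        if w in ("vhid", "advskew", "advbase"):
            carp[w] = int(words.pop(0))
        elif w in ("pass", "netmask"):
            carp[w] = words.pop(0)
        else:
            carp["vip"] = ipaddress.ip_address(w)
    return carp

def check_pair(rc_a, rc_b, carp_if="carp0", phys_if="wan0"):
    """Return a list of findings for two CARP peers; empty means consistent."""
    findings, a, b = [], parse_rc(rc_a), parse_rc(rc_b)
    ca, cb = parse_carp(a["ifconfig_" + carp_if]), parse_carp(b["ifconfig_" + carp_if])
    for key in ("vhid", "pass", "vip", "netmask"):
        if ca.get(key) != cb.get(key):
            findings.append(f"{key} differs between peers")
    if ca["advskew"] == cb["advskew"]:
        findings.append("advskew equal: no preferred MASTER")
    for name, rc, carp in (("A", a, ca), ("B", b, cb)):
        net = ipaddress.ip_interface(rc["ifconfig_" + phys_if]).network
        if carp["vip"] not in net:
            findings.append(f"peer {name}: {carp['vip']} outside {phys_if} subnet {net}")
    return findings

if __name__ == "__main__":
    print(check_pair(GW1, GW2))
```

An empty list means the two rc.conf fragments are mutually consistent, so the CARP definitions themselves can be ruled out before looking at the pf rules or routing.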