Does two pfsense + CARP necessarily require two WAN IP?

Question

I am looking to setup CARP following this guide across two pfSense firewalls.

I have setup CARP before on a WAN link with a big IP space, so allocating a distinct WAN IP per each device (as shown in the guide) was palatable.

Now, I am trying to do the same, but only one WAN IP is available per link.

Is there a way to use only one WAN IP?

Edit: What if you have the following configuration? (would this work?)

WAN1: WAN IP 1.2.3.4, local IP 192.168.10.1
WAN2: WAN IP 1.2.3.5, local IP 192.168.20.1
pf1: On interface WAN1, local IP 192.168.10.10; on WAN 2, local IP 192.168.20.10;
pf2: On interface WAN1, local IP 192.168.10.11; on WAN 2, local IP 192.168.20.11;
On both pf1 and pf2, monitor IP set to the ISP-appropriate value
VIP on 192.168.10.100, 192.168.20.100

score 4 · Accepted Answer · answered Mar 09 '13 at 00:23

4

No, carp requires three WAN IPs.

answered Mar 09 '13 at 00:23

JamesRyan

Alessandro Meyer · Answer 2 · 2015-04-30T20:52:51.203

4

It does not, it depends on your Setup. I have a working solution with 1 IP. The Slave just uses the Master as a gateway.

edited Apr 30 '15 at 20:52

answered Apr 29 '15 at 08:01

Alessandro Meyer

score 3 · Answer 3 · answered Mar 09 '13 at 06:20

3

CARP is like VRRP, HSRP and most other routing redundancy protocols, you must have 3 static IPs in the same subnet.

That may change at some point in the future, but it's true for the time being.

answered Mar 09 '13 at 06:20

Chris Buechler

score 0 · Answer 4 · answered Nov 07 '16 at 07:42

this topic has been requested as a feature in the pfsense bugtracker https://redmine.pfsense.org/issues/3859 and also issue 4597

it seems possible but you have to work around the webGUI

4 Answers4