From owner-freebsd-questions@FreeBSD.ORG Wed Dec 5 20:05:38 2007 Return-Path: Delivered-To: questions@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E830916A419 for ; Wed, 5 Dec 2007 20:05:38 +0000 (UTC) (envelope-from mksmith@adhost.com) Received: from mail-defer01.adhost.com (mail-defer01.adhost.com [216.211.128.150]) by mx1.freebsd.org (Postfix) with ESMTP id C950013C465 for ; Wed, 5 Dec 2007 20:05:38 +0000 (UTC) (envelope-from mksmith@adhost.com) Received: from mail-in08.adhost.com (mail-in08.adhost.com [10.211.128.141]) by mail-defer01.adhost.com (Postfix) with ESMTP id 0A740ED9E2 for ; Wed, 5 Dec 2007 11:49:37 -0800 (PST) (envelope-from mksmith@adhost.com) Received: from ad-exh01.adhost.lan (unknown [216.211.143.69]) by mail-in08.adhost.com (Postfix) with ESMTP id 9C1148FC77 for ; Wed, 5 Dec 2007 11:49:36 -0800 (PST) (envelope-from mksmith@adhost.com) MIME-Version: 1.0 X-MimeOLE: Produced By Microsoft Exchange V6.5 x-pgp-encoding-format: MIME x-pgp-encoding-version: 2.0.2 Content-Type: multipart/signed; boundary="PGP_Universal_B7016C92_096A971C_B8FC0AEF_3200D5CE"; micalg=pgp-sha1; protocol="application/pgp-signature" x-pgp-mapi-encoding-version: 2.5.0 Content-class: urn:content-classes:message Date: Wed, 5 Dec 2007 11:49:35 -0800 Message-ID: <17838240D9A5544AAA5FF95F8D52031602E54396@ad-exh01.adhost.lan> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: PF - Carp and vhid limitations Thread-Index: Acg3d/W3cgh18cH4S26R1u6rBsyuJA== From: "Michael K. Smith - Adhost" To: Cc: Subject: PF - Carp and vhid limitations X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Dec 2007 20:05:39 -0000 --PGP_Universal_B7016C92_096A971C_B8FC0AEF_3200D5CE Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: QUOTED-PRINTABLE Hello All: I'm interested in using PF to front a web farm where there will be lots of = static IP addresses for SSL affinity. As such, I expect to have many more = than 255 CARP interfaces. But, as I understand it, I'm limited to 255 vhid= 's and I have to have a discreet vhid per CARP interface. Is there a way to configure my CARP interfaces such that I can get around t= his limitation? Right now, I configure everything as: ifconfig_carp5=3D"inet 192.168.1.2 netmask 255.255.255.192 vhid 5 advskew 0= pass mypass" ifconfig_carp6=3D"inet 192.168.1.3 netmask 255.255.255.192 vhid 6 advskew 0= pass mypass" and so on. I'm wondering if there is a way to alias IP addresses in the same subnet "i= fconfig_carp5_alias" or something similar. It seems like there is a reuse = mechanism in OpenBSD because you can associate a carpdev to the entry, but = I don't see that in FreeBSD. Regards, Mike -- Michael K. Smith, GISP mksmith@adhost.com w: +1 (206) 404-9500 f: +1 (206) 404-9050 PGP: B49A DDF5 8611 27F3 08B9 84BB E61E 38C0 (Key ID: 0x9A96777D) --PGP_Universal_B7016C92_096A971C_B8FC0AEF_3200D5CE Content-Type: application/pgp-signature; name="PGP.sig" Content-Transfer-Encoding: 7BIT Content-Disposition: attachment; filename="PGP.sig" -----BEGIN PGP SIGNATURE----- Version: 9.7.0 (Build 867) iQEVAwUBR1cAz/TXQhZ+XcVAAQjRKwgAkb/FAvgP95CYZI1rhUZljuB8EHeYkW8U 1GbF29IjINjR6h7z6oEsnyWc5b811MACab6wVebgCz5BHURJIDEAhzVjDE32tis8 XiBO3ZjsmHtuA3ECXcXurIpDbOTAr08xrPuAPj6YCPRuiR3/Yoa9BH0Zpf2Ph2ZI md+ymNt8rVxomqHGBdUK8+ZiqnAymRu8kgV5K2t8To/5wUejUPhkXZkDl8MN3hMW kmkLOSx4799bQaB1NME2hoYQ3HUwQBCABWXEI+cbhb0E5BmWHWP1VsDjLtR1jL2B 72cOfY+7ubcdbTxhj/yXK+MuFAVdNxKyB+GuJq9BTtnXUQS5JUoPuw== =+JGb -----END PGP SIGNATURE----- --PGP_Universal_B7016C92_096A971C_B8FC0AEF_3200D5CE--