CARP (Common Address Redundancy Protocol) is an alternative protocol to HSRP (Hot Standby Router Protocol) and VRRP (Virtual Router Redundancy Protocol).
The objective is to make two different gateways respond to the same IP. This is done by creating a Virtual IP, that is different than the IP used by both routers, to decide who will be active and who will be on standby.
For example: In the network, the two routers 10.0.0.2 and 10.0.0.3 will communicate over CARP and define who will respond to the Virtual IP 10.0.0.1. When the active becomes inoperative the standby takes place.
On the Master, go to Firewall > Virtual IPs:
- Click in “+ Add”,
- Select the “Type” as “CARP”,
- Select the “Interface” of the LAN,
- Define the Virtual IP address in “Address(es)”, for example ‘10.0.0.1’ and mask ‘/24’,
- Define the “Virtual IP Password”,
- Leave the VHID as ‘1’ for the first, but if you already have one virtual IP, chose another number,
- The “Description” can be ‘LAN Default Gateway’ for example,
- Click in “Save”, then “Apply Changes”.
If you did the HV Sync [Read It], you don’t have to do the same at the Slave.
If the Virtual IP was created to the WAN interface, you will have to go to Firewall > NAT > Outbound:
- Chose the “Outbound NAT Mode” for “Hybrid”,
- Click in “Save”, then “Apply Changes”,
- Click in “+ Add”,
- At the table “Edit Advanced Outbound NAT Entry”, add in “Source” the Network address of the LAN, for example, ‘10.0.0.0/24’,
- At the table “Translation”, “Address” select the WAN Virtual IP,
- Enter a “Description”, such as ‘WAN Virtual IP for NAT’,
- Click in “Save” and “Apply Changes”.
This will prevent the loss of the packets during the transition to the Slave.
See also the post about High Availability with CARP [Read It].