CARP and pfsync

CARP and pfsync were two of the main new items in OpenBSD 3.5. CARP is short for Common Address Redundancy Protocol. The protocol was developed as a non patent encumbered alternative to VRRP (Virtual Router Redundancy Protocol, RFC 2281, RFC 3768), which was quite far along the track to becoming an IETF sanctioned standard, even though possible patent issued has not been resolved. The patents involved are held by Cisco, IBM and Nokia.

Both protocols are intended to ensure redundancy for essential network features, with automatic failover.

CARP is based on setting up a group of machines as one 'master' and one of more redundant 'slaves', all of which are equipped to handle a common IP address. If the master goes down, one of the slaves will inherit the IP address, and if the synchronization has been properly handled, active connections will be handed over. The handover may be authenticated using cryptographic keys.

One of the main purposes of CARP is to ensure that the network will keep functioning as usual even when a firewall or other service goes down due to errors or planned maintenance activities such as upgrades.

In the case of PF firewalls, pfsync can handle the synchronization. pfsync is a type of virtual network interface specially designed to synchronize state information between PF firewalls. pfsync interfaces are assigned to physical interfaces with ifconfig. On networks where uptime requirements are strict enough to dictate automatic failover, the number of simultaneous network connections is likely to be large enough that it will make sense to assign the pfsync network its own physical network.

This topic is one of those that feature in the advanced parts of my tutorials at conferences and other venues, plus of course in The Book of PF. The best freely available pfsync and CARP references are the OpenBSD FAQ, the man pages and Ryan McBride's overview article at http://www.countersiege.com/doc/pfsync-carp/. Also see the Chapter called References at the end of this document.

A somewhat more thorough treatment of CARP and pfsync (with both failover and load balancing configurations) can be found in The Book of PF.