What are Virtual IP Addresses?

From PFSenseDocs

(Redirected from What is the different between Proxy ARP, CARP, and Other Virtual IPs?)

A Virtual IP is any IP address usable by pfSense that is not an interface's main IP address. These come in several different forms, each of which have their own features. Virtual IPs are used to allow pfSense to properly forward traffic for things like NAT port forwards, Outbound NAT, and 1:1 NAT. They also enable features like failover, and can allow services on the pfSense router to bind to different IP addresses.

1 Virtual IP Address Types

[edit]

Virtual IP Address Types

From this forum post by hoba, with some additions.

[edit]

CARP

Can be used by the firewall itself to run services or be forwarded
Generates Layer2 traffic for the VIP
Can be used for clustering (master firewall and standby failover firewall)
The VIP has to be in the same subnet like the real interfaces IP
Will respond to ICMP PING.

[edit]

Proxy ARP

Can not be used by the firewall itself but can be forwarded
Generates Layer2 traffic for the VIP
The VIP can be in a different subnet than the real interfaces IP
Will not respond to ICMP PING.

[edit]

Other

Can be used if the Provider routes your VIP to you anyway without needing Layer2 messages
Can not be used by the firewall itself but can be forwarded
The VIP can be in a different subnet than the real interfaces IP
Will not respond to ICMP PING.

Retrieved from "http://doc.pfsense.org/index.php/What_are_Virtual_IP_Addresses%3F"

Category: FAQ