On Wed, Sep 1, 2010 at 12:23 PM, Paul Mansfield <it-admin-pfse...@taptu.com> wrote: > > if you recall, to make your pfsense firewall itself be able to talk to a > remote site over an IPSEC tunnel, you need to add a hack which is a > static route to remote network via the LAN address > > if you have a firewall cluster and you use the CARP address of the LAN, > it does work, but it *seems* to cause the following errors to appear in > system log: > > Sep 1 15:40:01 kernel: arpresolve: can't allocate route for 10.1.2.254 > > the 10.1.2.254 is the CARP ip on the LAN > > I can make these go away by using the IP of the firewall's LAN but that > kind of defeats part of the purpose of having a cluster and carp! > > Apart from this being a distraction/nuisance, is this something to worry > about?# >
No, just happens when the system tries to ARP its own CARP IPs. Only cosmetic. --------------------------------------------------------------------- To unsubscribe, e-mail: discussion-unsubscr...@pfsense.com For additional commands, e-mail: discussion-h...@pfsense.com Commercial support available - https://portal.pfsense.org