https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=290768
--- Comment #23 from relvy <[email protected]> --- (In reply to vova from comment #20) I took out the carp backup machine from production environment and put it into a testbed with a single subnet 10.2.0.0/16. I am able to reproduce it there, too. I stripped it down to figure out what is necessary to reproduce. I removed the LAN CARP: issue is still reproduceable. I removed wg0 and kept wg1: issue is still reproduceable. What I have now is: Infrastructure: opnsense WAN ------------ opnsense WAN CARP ------- peer (road warrior) igc0 10.2.1.30 a.b.c.d peer initiates handshake: opnsense WAN ------------ opnsense WAN CARP ----- peer (road warrior) igc0 10.2.1.30:51820 <------- a.b.c.d outgoing traffic: LAN opnsense WAN ------------ opnsense WAN CARP ----- peer (road warrior) igc0 -- outbound NAT --> 10.2.1.30 -----------> a.b.c.d a.b.c.d is the peer address, an DHCP address from 10.2.0.x/16 # pfctl -s states | grep 51820 all udp 10.2.1.30:51820 <- a.b.c.d:53003 NO_TRAFFIC:SINGLE all udp a.b.c.d:53003 -> 10.2.1.30:51820 SINGLE:NO_TRAFFIC -- You are receiving this mail because: You are the assignee for the bug.
