Hi, According to the details it looks like Ichmp echo is blocked. Does it do the same pinging to google etc?
Sincerely yours, Mikey van der Worp -- Utelisys Communications B.V. Op 5 nov. 2012 om 04:23 heeft "Jerome Alet" <[email protected]> het volgende geschreven: > Hi, > > We've got two pfsense 2.1-BETA0 snapshots running on AMD64 as a failover > cluster. Each of these two Dell R610 has two Intel quad ports Gigabit > Ethernet (igb) and one (integrated) Broadcom (bce) quad ports Gigabit > Ethernet cards. > > Both were running "8.3-RELEASE-p4 #1: Thu Sep 27 14:06:33 EDT 2012" just > fine. > > This morning, I've updated the slave to "8.3-RELEASE-p4 #1: Sat Nov 3 > 16:04:02 EDT 2012". Fortunately I haven't updated the master for now. > > Since this upgrade, all syslog from the slave host logs to our central > syslog server as the CARP VIP address of the LAN. Before, it went to the > central syslog server as its own LAN address, just like the master > host. This is a really big change and I don't really understand why it > would happen or even be a good idea. > > Finally, the slave host does seem to have big connectivity problems, > causing at least DNS to fail : > > One of our DNS server's IP address is 10.10.0.3, on the LAN. > > The master's IP address is 10.10.3.252, the slave is 10.10.3.253 and the > CARP virtual IP is 10.10.3.254. The network mask is 255.255.252.0 > > Now here's a ping from our DNS server to the slave : > > awa:~ # ping pfsense2 > PING pfsense2-intra.univ-nc.nc (10.10.3.253) 56(84) bytes of data. > 64 bytes from pfsense2-intra.univ-nc.nc (10.10.3.253): icmp_seq=1 ttl=64 > time=0.267 ms > 64 bytes from pfsense2-intra.univ-nc.nc (10.10.3.253): icmp_seq=2 ttl=64 > time=0.205 ms > 64 bytes from pfsense2-intra.univ-nc.nc (10.10.3.253): icmp_seq=3 ttl=64 > time=0.215 ms > 64 bytes from pfsense2-intra.univ-nc.nc (10.10.3.253): icmp_seq=4 ttl=64 > time=0.243 ms > > --- pfsense2-intra.univ-nc.nc ping statistics --- > 4 packets transmitted, 4 received, 0% packet loss, time 3012ms > rtt min/avg/max/mdev = 0.205/0.232/0.267/0.028 ms > > The other way around, from the slave to DNS : > > [2.1-BETA0][[email protected]]/etc(13): ping 10.10.0.3 > PING 10.10.0.3 (10.10.0.3): 56 data bytes > ^C > --- 10.10.0.3 ping statistics --- > 9 packets transmitted, 0 packets received, 100.0% packet loss > > So this way all packets are lost, but traceroute works fine : > > [2.1-BETA0][[email protected]]/etc(20): traceroute -n 10.10.0.3 > traceroute to 10.10.0.3 (10.10.0.3), 64 hops max, 52 byte packets > 1 10.10.0.3 0.276 ms 0.308 ms 0.221 ms > > If I do a full restore (I did a full backup before the slave update), > then all works fine again. > > Any idea of what could be wrong with our setup ? > > Thanks so much in advance > > -- > Jérôme Alet - <[email protected]> - Direction du Système d'Information > Université de la Nouvelle-Calédonie - BPR4 - 98851 NOUMEA CEDEX > Tél : +687 290081 Fax : +687 254829 > _______________________________________________ > List mailing list > [email protected] > http://lists.pfsense.org/mailman/listinfo/list _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
