On 6/7/2017 10:10 AM, Daniel wrote:
> Hi,
>
> the Sync interface is connected directly without a Switch.
> But Carp is running WAN/LAB for example.

Let's go back to your original email: this behavior can be duplicated with different software, so it's not a pfSense issue. Is that right? Sophos UTM and something on Linux both exhibit something similar?

CARP sends broadcast traffic to 224.0.0.18. The device that you configured as the primary will send a packet every second by default, for each CARP IP address, on the relevant interface. If the secondary does not receive these packets, it starts sending its own, with a higher priority, and assumes ownership of the CARP addresses. When the primary device is again available, it starts sending higher priority CARP packets. The secondary receives those, stops sending its CARP packets and reverts to a backup role, because it knows that the primary is back up and functional.

All that said, if your devices keep flipping back and forth, I'd guess that you don't see these CARP packets at the backup device. tcpdump -ni wan|lan CARP on the backup device will tell a lot.

Any chance you've got the WAN and LAN of the primary firewall going to the opposite switches as the secondary?
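
Added example, not part of the original message: a small Python check for text saved from a packet capture on the backup device, reporting per VHID which hosts advertised, how often the sender changed, and how long the silences were. The tcpdump line layout, the 3-second gap threshold, and the addresses are assumptions, and the sample capture is constructed.

```python
import re

# Matches one advertisement line; this layout of `tcpdump -n` CARP output is an assumption.
ADV = re.compile(r"^(\d+):(\d+):(\d+\.\d+) IP (\S+) > 224\.0\.0\.18: "
                 r".*?vhid=(\d+) advbase=\d+ advskew=(\d+)")

def analyze(capture, max_gap=3.0):
    """Summarise CARP advertisements per VHID from text captured on the backup."""
    report, last = {}, {}          # last: vhid -> (timestamp, sender)
    for line in capture.splitlines():
        m = ADV.match(line)
        if not m:
            continue
        hh, mm, ss, src, vhid, skew = m.groups()
        t, vhid = int(hh) * 3600 + int(mm) * 60 + float(ss), int(vhid)
        r = report.setdefault(vhid, {"senders": {}, "changes": 0, "gaps": []})
        r["senders"][src] = int(skew)
        if vhid in last:
            prev_t, prev_src = last[vhid]
            if src != prev_src:            # a different box is now advertising
                r["changes"] += 1
            if t - prev_t > max_gap:       # nothing heard for several intervals
                r["gaps"].append(round(t - prev_t, 3))
        last[vhid] = (t, src)
    return report

def _adv(sec, src, vhid, skew):
    # Builds one constructed sample line (placeholder addresses, made-up counter).
    return (f"10:00:{sec:02d}.000000 IP {src} > 224.0.0.18: CARPv2-advertise 36: "
            f"vhid={vhid} advbase=1 advskew={skew} authlen=7 counter=1")

# Constructed capture: VHID 1 flips to the backup and back, VHID 2 stays stable.
SAMPLE = "\n".join(
    [_adv(s, "192.0.2.2", 1, 0) for s in (0, 1, 2)]
    + [_adv(s, "192.0.2.3", 1, 100) for s in (6, 7)]
    + [_adv(s, "192.0.2.2", 1, 0) for s in (8, 9)]
    + [_adv(s, "198.51.100.2", 2, 0) for s in range(10)])

if __name__ == "__main__":
    for vhid, r in sorted(analyze(SAMPLE).items()):
        flapping = len(r["senders"]) > 1 or r["changes"] > 0
        print(f"vhid {vhid}: senders={r['senders']} changes={r['changes']} "
              f"gaps={r['gaps']} {'FLAPPING' if flapping else 'stable'}")
```

A VHID with more than one sender, or a gap followed by a change of sender, indicates the backup stopped hearing the primary on that interface, which points at the switch path between the two firewalls.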