rik <rikc...@gmail.com> writes: > I'm using 2 openbsd boxes as router firewall with carp in a colo-like setup. > In the last few days we saw the packet loss percentuale increase up to > 8-10% and it doesn't look like a problem for outside.
I take this to mean that the CARP setup provided the needed redundancy. > If I ping from the master firewall one of the server inside I can see > something like this: > > 64 bytes from xx.xx.xx.12: icmp_seq=4 ttl=64 time=-3.-656 ms > 64 bytes from xx.xx.xx.12: icmp_seq=5 ttl=64 time=0.794 ms > 64 bytes from xx.xx.xx.12: icmp_seq=6 ttl=64 time=0.-491 ms > ping: sendto: No route to host > ping: wrote xx.xx.xx.12 64 chars, ret=-1 > ping: sendto: No route to host > ping: wrote xx.xx.xx.12 64 chars, ret=-1 > 64 bytes from xx.xx.xx.12: icmp_seq=9 ttl=64 time=0.526 ms > 64 bytes from xx.xx.xx.12: icmp_seq=10 ttl=64 time=1.415 ms > > No errors in syslog. > Any idea? This is what it looks like when your link goes down, then comes back again. I'd check with the upstream if they know of any specific incident that matches your disruption. - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
