On 2006/06/14 08:53, Thomas Bader wrote: > In one case the fail-over does not work well: If the > BGP-peering on r0a to the upstream goes down all traffic > will be routed from r0a via $pfsync_if to r0b and to the > upstream from there on. SSH and browsing through web pages > with HTTP works that way. But downloads with HTTP or FTP do > not work. > > As long as traffic gets routed from LAN via r0a to r0b every > large download just stalls after a few kbytes. With tcpdump > I found out that the first few kbytes make it through and > afterwards ICMP host-unreachable messages will be generated.
This feels like a path-mtu problem, is em0 using jumbo frames? If that's the problem, scrub max-mss should help. > So I guess that altq has no impact on my problem. In the > pf.conf there are actually only a few rules because the > mentioned setup is not yet in productive business and there > are only a few machines using it yet. Just as long as beer. is safe, that's ok (-:
