Not set on the MASTER, 230 on the backup.
Saludos,
Jose.
Jonathan Carter wrote:
I have it set to (1) on the promary and (100) on the backup.
How high did you set yours?
Jonathan
-----Original Message-----
From: Jose Quinteiro [mailto:[EMAIL PROTECTED]
Sent: 20 September 2008 20:45
To: Jonathan Carter
Cc: [email protected]
Subject: Re: Help with CARP
I had similar problems with a couple of little Soekris boxes. I solved it
by increasing advskew. I think they can't handle the interrupt load at peak
times. I'm in the process of replacing them.
HTH,
Jose.
Jonathan Carter wrote:
Hi
Any ideas with this one please?
I have 2 openBSD boxes running as pair of firewalls using CARP + PF.
This set up is already working for 12 months.
Last week I was troubleshooting network problems reported by my
clients and I noticed that several CARP interfaces had failed over. I
checked that there were no more problems with the Primary firewall and
I set the interfaces on the backup firewall back to "BACKUP" and made
sure that the the primary firewall interfaces were all set to "MASTER".
However I had intermittent timeout problems for the next 24hrs.
Eventually I enabled "loud" debugging on PF and I saw that traffic was
coming through both firewalls evenn though the backup firewall has all
its CARP interfaces set back to "BACKUP". I tried several basic TCP
debugging techniques but in the end I set all of the CARP interfaces on
the backup firewall to "down".
This is where I am at the moment. Can anyone point me in the
direction of how I can investigate this further. I want to bring up
the backup firewall interfaces as soon as possible so that I have my
redundant set up but at the moment I am at a loss to think of what could
be wrong.
The only thing I can think off is that I have accidentally enabled
load balancing - but I have checked the basics from the CARP
documentation and , on the surface it does not look like it.
I am running "4.1 GENERIC#874 amd64"
Regards
Jonathan
