Hello list,

I have a setup with 2 firewalls (OpenBSD 4.7 MP) and am using carp for
redundancy.
All systems are using the IP number of the inside carp interface as default
gateway.
There is another router in that subnet that is used to reach another network,
so I have a static route to that network on the firewall systems.

For example:
clients are in network 10.1.1.0/24, the carp interface IP is 10.1.1.3 and the
other router in the network is 10.1.1.1. Both firewalls also have an IP number
on the physical interface in that subnet, for example firewall1 has 10.1.1.7
and firewall2 has 10.1.1.8.
The static route on the firewalls is 10.0.0.0/8 via 10.1.1.1.

Now the problem is that not all traffic goes very well to the 10.0.0.0/8
network; most of the traffic takes longer to complete or connections are
broken sometimes.
The clients are using a terminal client to reach an AS400 system, and when they
do some print jobs it takes 10 or 20 times longer to complete that
print.

The weird thing about this is that when I set the client gateway to 10.1.1.7
(assuming that one is the master) there are no problems, also when I created a
static route on the client for 10.0.0.0/8 via 10.1.1.1.

Does anyone have a clue how to fix this without placing the other router in a
different subnet or using static routes on the clients?

Many thanks,

Peter
