Les,
What network driver are you using? eepro100? What is the actual chipset
of the nic's. If they are builton you probably want to use the e100
driver from Intel which fixes the problem you are describing. With the
stock eepro100 driver, builton chips have a tendency to fall over.
Usually the box crashes, but if it doesn't, then doing an ifdown, ifup
will make it work for a little while longer.
Les Barstow wrote:
> Does anyone have a pair of iptables boxes set up for failover? I don't
> think I need anything which mirrors the conntrack table, but it would be
> nice if I had a second box to take over when the first one disappears...
>
> Any sample configurations/scripts would be helpful.
>
>
> Also, has anyone had any experiences with iptables locking up (ie
> disallowing traffic)? I've checked conntrack tables and it appears I
> still have quite a bit of space there. Pings and TCP traffic both
> originating at the firewall and passing through it disappear. This only
> seems to happen on my external interface - I can ping internal address
> space. Been really annoying. Intel Pro dual 100Mbps ports.
>
> It never used to happen, so it's either a hardware/network issue or a
> bandwidth-related problem (we were pushing 20Mbps through it the other
> day...)
>
>
--
James A. Pattie
[EMAIL PROTECTED]
Linux -- SysAdmin / Programmer
PC & Web Xperience, Inc.
http://www.pcxperience.com/
