Stuart Henderson wrote:
On 2007/01/23 10:21, Per Gøtterup wrote:
I wrote some days ago about a problem we have with connections from certain
networks (usually ADSL) being suddenly terminated after anything from a few
seconds to several minutes.
Check you use 'flags S/SA keep state' apart from anything that
explicitly must be stateless (only likely if you have PF on multiple
boxes with asymmetric routing).
I don't use flags anywhere in my keep state rules... Are you saying that I should use those flags everywhere or the
opposite?
Maybe I should write a few words abount the setup here... It's basically two completely identical carp-redundant boxes
running with advskew and preempt so no carp changes should occur unless the master goes away completely. We also log if
the carp states change (which they haven't) so I can pretty much rule out asymmetric routing using both boxes.
--
Per Gøtterup <[EMAIL PROTECTED]> · Systems Administrator & Support
WebHotel.net · INFORCE A/S · Sydvestvej 100 · DK-2600 Glostrup · Denmark
Phone: +45 70232490 · Fax: +45 70232480 · Web: www.webhotel.net
