Hi all Disbling ipv6 on the ifs didn't help.
It turned out pf was blocking the outgoing carp advertisements on 2 out of 4 interfaces without logging. Adding "keep state (no-sync)" to the carp rules, activating them, and then flushing states on both firewalls finally brought the cluster back to normal. Thanks to cd for the help. lg /markus On 01/15/12 16:18, Markus Wernig wrote: > Hi all > > After upgrading to 5.0 (and also on -current) I keep getting those > errors for 2 out of 4 carp'd interfaces in a fw cluster pair: > > /bsd: carp2: ip_output failed: 65 > /bsd: carp3: ip_output failed: 65 > > And effectively, no CARP traffic is seen on those two interfaces, > neither in nor out. Both boxes assume master status on the if. > > I got a gut feeling that this has something to do with ipv6, which I do > not use at all on the boxes. My pf ruleset is actually ipv4 only. I do > see ipv6 addresses on the phyif and carpif though (which I have not > configured). > > Could it be that I need to add something to my ruleset? > > Any way to totally disable ipv6 for a test? > > krgds /markus