Actually I may have found a bug with this. Are you using virtual ips? On 4/18/06, Scott Ullrich <[EMAIL PROTECTED]> wrote: > Yep. Why was it on to begin with? > > > On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: > > So after saving the page with pfsync disabled, I need to reboot the > > firewall to completely turn it off? > > > > Scott Ullrich wrote: > > > It most likely will not "change" the pfsync association until the next > > > reboot. > > > > > > On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: > > > > > >> Yeah and I tried that, it had no effect. And as I said earlier in my > > >> post, I turned it on and saved, turned it off and saved and no effect. > > >> Changing the sync interface, even with synchronization turned off does > > >> have an effect (which it shouldn't IMHO but that's another story). > > >> > > >> -Gary > > >> > > >> Scott Ullrich wrote: > > >> > > >>> Should be safe. But then again turning off pfSync should remove the > > >>> tag as well. > > >>> > > >>> On 4/18/06, Gary Buckmaster <[EMAIL PROTECTED]> wrote: > > >>> > > >>> > > >>>> Scott, > > >>>> > > >>>> I agree that that's how it *should* be working, but that's not what's > > >>>> currently happening on this box. I'd like, very much to stop the > > >>>> madness without requiring a complete re-install. Am I safe simply > > >>>> removing the pfsyncenabled tag from my config file or is there more > > >>>> involved? > > >>>> > > >>>> -Gary > > >>>> > > >>>> Scott Ullrich wrote: > > >>>> > > >>>> > > >>>>> If you are not using CARP/pfSync then it should be bound to the > > >>>>> loopback adapter broadcasting nothing. > > >>>>> > > >>>>> On 4/18/06, Holger Bauer <[EMAIL PROTECTED]> wrote: > > >>>>> > > >>>>> > > >>>>> > > >>>>>> There has been a lot of movement between your initial installed > > >>>>>> version and beta3. The cleanest thing really would be a reinstall > > >>>>>> from scratch :-/ but you might want to wait for scott's or bill's > > >>>>>> thoughts on this behavior first. > > >>>>>> > > >>>>>> Holger > > >>>>>> > > >>>>>> > > >>>>>> > > >>>>>> > > >>>>>>> -----Original Message----- > > >>>>>>> From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > > >>>>>>> Sent: Tuesday, April 18, 2006 4:45 PM > > >>>>>>> To: [email protected] > > >>>>>>> Subject: Re: [pfSense Support] Massive amounts of pfsync traffic > > >>>>>>> when > > >>>>>>> CARPisturned off > > >>>>>>> > > >>>>>>> > > >>>>>>> Holger, > > >>>>>>> > > >>>>>>> Actually, that doesn't work. Hitting save on its own doesn't > > >>>>>>> turn off > > >>>>>>> the synchronization. Enabling, then saving, then disabling > > >>>>>>> and saving > > >>>>>>> again, also doesn't turn it off. If I leave it disabled in > > >>>>>>> the WebGUI > > >>>>>>> and then change the sync interface to WAN, all the sync > > >>>>>>> traffic moves to > > >>>>>>> the WAN interface. Changing it back to LAN moves the sync > > >>>>>>> traffic back. > > >>>>>>> > > >>>>>>> -Gary > > >>>>>>> > > >>>>>>> Holger Bauer wrote: > > >>>>>>> > > >>>>>>> > > >>>>>>> > > >>>>>>>> Just hit save at the CARP-Settings with all options turned > > >>>>>>>> > > >>>>>>>> > > >>>>>>>> > > >>>>>>> off. It should save all necessary settings and apply the changes. > > >>>>>>> > > >>>>>>> > > >>>>>>> > > >>>>>>>> Holger > > >>>>>>>> > > >>>>>>>> > > >>>>>>>> > > >>>>>>>> > > >>>>>>>> > > >>>>>>>>> -----Original Message----- > > >>>>>>>>> From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > > >>>>>>>>> Sent: Tuesday, April 18, 2006 4:37 PM > > >>>>>>>>> To: [email protected] > > >>>>>>>>> Subject: Re: [pfSense Support] Massive amounts of pfsync > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>> traffic when > > >>>>>>> > > >>>>>>> > > >>>>>>> > > >>>>>>>>> CARPis turned off > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>>>> Holger, > > >>>>>>>>> > > >>>>>>>>> The WebGUI shows CARP completely turned off, as it should be. The > > >>>>>>>>> config file has been with me, more or less, since 0.95 but > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>> always on > > >>>>>>> > > >>>>>>> > > >>>>>>> > > >>>>>>>>> that machine. CARP had been turned on at one time on that > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>> machine, > > >>>>>>> > > >>>>>>> > > >>>>>>> > > >>>>>>>>> however it was completely disabled. I suspect that I > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>> simply need to > > >>>>>>> > > >>>>>>> > > >>>>>>> > > >>>>>>>>> remove the line from my config file to turn it off. Is that > > >>>>>>>>> a correct > > >>>>>>>>> statement or do I need to remove other lines as well? I'd > > >>>>>>>>> rather avoid > > >>>>>>>>> doing a complete re-install if at all possible. Thanks > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>> for your help. > > >>>>>>> > > >>>>>>> > > >>>>>>> > > >>>>>>>>> -Gary > > >>>>>>>>> > > >>>>>>>>> Holger Bauer wrote: > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>>>>> Is this an imported config? CARP config options are located > > >>>>>>>>>> > > >>>>>>>>>> > > >>>>>>>>>> > > >>>>>>>>>> > > >>>>>>>>> at Interfaces>Virtual IPs, CARP settings tab. Disable all > > >>>>>>>>> options there, save and apply. Does this fix it? Btw, I > > >>>>>>>>> haven't noticed that behavior with my embedded beta3 build. > > >>>>>>>>> Maybe you are runni > > >>>>>>>>> ng into some kind of upgrade bug. If nothing helps I > > >>>>>>>>> recommend reinstalling a fresh Beta3 :-/ > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>>>>> Holger > > >>>>>>>>>> > > >>>>>>>>>> > > >>>>>>>>>> > > >>>>>>>>>> > > >>>>>>>>>> > > >>>>>>>>>> > > >>>>>>>>>>> -----Original Message----- > > >>>>>>>>>>> From: Gary Buckmaster [mailto:[EMAIL PROTECTED] > > >>>>>>>>>>> Sent: Tuesday, April 18, 2006 4:26 PM > > >>>>>>>>>>> To: [email protected] > > >>>>>>>>>>> Subject: [pfSense Support] Massive amounts of pfsync > > >>>>>>>>>>> > > >>>>>>>>>>> > > >>>>>>>>>>> > > >>>>>>>>>>> > > >>>>>>>>> traffic when CARP > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>>>> > > >>>>>>>>>>> is turned off > > >>>>>>>>>>> > > >>>>>>>>>>> > > >>>>>>>>>>> I just noticed my pfSense (now upgraded to Beta3, thanks > > >>>>>>>>>>> guys!) machine > > >>>>>>>>>>> multicasting pfsync traffic of biblical proportions. This was a > > >>>>>>>>>>> surprise to me because I don't have CARP enabled on this box. > > >>>>>>>>>>> In poking > > >>>>>>>>>>> around in my machine's config file I see the following entry: > > >>>>>>>>>>> > > >>>>>>>>>>> - <#> <carpsettings> > > >>>>>>>>>>> - <#> <config> > > >>>>>>>>>>> <pfsyncenabled /> <<<<---------- point of interest > > >>>>>>>>>>> <pfsyncinterface>LAN</pfsyncinterface> > > >>>>>>>>>>> <balancing /> > > >>>>>>>>>>> <premption /> > > >>>>>>>>>>> <synchronizerules /> > > >>>>>>>>>>> <synchronizealiases /> > > >>>>>>>>>>> <synchronizenat /> > > >>>>>>>>>>> <synchronizeipsec /> > > >>>>>>>>>>> <synchronizewol /> > > >>>>>>>>>>> <synchronizestaticroutes /> > > >>>>>>>>>>> <synchronizelb /> > > >>>>>>>>>>> <synchronizevirtualip /> > > >>>>>>>>>>> <synchronizetrafficshaper /> > > >>>>>>>>>>> <synchronizetoip /> > > >>>>>>>>>>> <password /> > > >>>>>>>>>>> </config> > > >>>>>>>>>>> </carpsettings> > > >>>>>>>>>>> > > >>>>>>>>>>> > > >>>>>>>>>>> Does this mean that, pfsync is enabled anyhow? How can I > > >>>>>>>>>>> make the bad > > >>>>>>>>>>> man stop? It's really hosing one of my switches. > > >>>>>>>>>>> > > >>>>>>>>>>> Best, > > >>>>>>>>>>> > > >>>>>>>>>>> Gary > > >>>>>>>>>>> > > >>>>>>>>>>> > > >>>>>>>>>>> > > >>>>>>>>>>> > > >>>>>>>>>>> > > >>>>>>>>>>> > > >>>> --------------------------------------------------------------------- > > >>>> To unsubscribe, e-mail: [EMAIL PROTECTED] > > >>>> For additional commands, e-mail: [EMAIL PROTECTED] > > >>>> > > >>>> > > >>>> > > >>>> > > >>> --------------------------------------------------------------------- > > >>> To unsubscribe, e-mail: [EMAIL PROTECTED] > > >>> For additional commands, e-mail: [EMAIL PROTECTED] > > >>> > > >>> > > >>> > > >> --------------------------------------------------------------------- > > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > > >> For additional commands, e-mail: [EMAIL PROTECTED] > > >> > > >> > > >> > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > >
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
