Hmm, what does the output of "pfctl -sn -aslb" look like on both boxes? The other obvious question is, are the virtual addresses that front end your load balance pool CARP addresses? If they aren't, then the secondary won't take them over on failover regardless of the load balance config.
--Bill On 10/10/07, Lee Hetherington <[EMAIL PROTECTED]> wrote: > Hi Bill, > > The config was sync'd ok, I can see it on both boxes. Below is a ps -ax > from the secondary machine: > > # ps -ax |grep slb > 60083 ?? Ss 0:00.51 /usr/local/sbin/slbd -c/var/etc/slbd.conf -r5000 > 65097 p0 RV 0:00.00 grep slb (tcsh) > > Looks to me like its running? I tried editing the config and saving it > like you suggest, and the ps -ax was then: > > # ps -ax | grep slb > 65407 ?? Ss 0:00.00 /usr/local/sbin/slbd -c/var/etc/slbd.conf -r5000 > > Still nothing however when I reboot the primary... > > Lee > > Bill Marquette wrote: > > Can you confirm that the load balancer config sync'd over to the > > secondary? Also, assuming it did, can you do a 'ps -ax |grep slb' > > from the shell? I suspect it never started slbd after sync (as an > > interim workaround, you could try going to the load balancer page on > > the secondary and editing/saving the config). > > > > --Bill > > > > On 10/9/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > > >> Hi Bill, > >> > >> Sorry, inbound... we have 2x Web Servers behind the PFsense boxes so we > >> are load balancing 443 and 80 TCP > >> > >> Lee > >> > >> On Tue, 9 Oct 2007 08:47:27 -0500, "Bill Marquette" <[EMAIL PROTECTED]> > >> wrote: > >> > >>> Inbound or outbound load balancing? > >>> > >>> --Bill > >>> > >>> On 10/9/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > >>> > >>>> Hi There, > >>>> > >>>> Im using 1.2 RC2 on Intel boxes. I have the load balancer setup and > >>>> > >>> working, the two machines are syncing settings and the carp is working > >>> properly. However, if I reboot the primary firewall the secondary takes > >>> over pings, but the load balancing doesnt work again until the primary is > >>> back online. > >>> > >>>> Everything seems to be ok, when the primary disappears, the ping drops 1 > >>>> > >>> packet, then the secondary carries on and everything runs ok. The servers > >>> on the lan interface of the firewall can route out to the internet fine > >>> whilst running with only the secondary firewall. The only thing not to > >>> work is the load balancer. > >>> > >>>> Anyone have any ideas? > >>>> > >>>> I have it wired as: > >>>> > >>>> INTERNET --> PIX 515 PAIR --> 2X CISCO 3550-EMI --> PFSENSE PAIR --> 2X > >>>> > >>> CISCO 3550-EMI --> LAN > >>> > >>>> Each of the pix/pfsense are connected to seperate switches, which are in > >>>> > >>> turn linked together. > >>> > >>>> Thanks in advance, > >>>> > >>>> Lee > >>>> > >>>> > >>>> --------------------------------------------------------------------- > >>>> To unsubscribe, e-mail: [EMAIL PROTECTED] > >>>> For additional commands, e-mail: [EMAIL PROTECTED] > >>>> > >>>> > >>>> > >>> --------------------------------------------------------------------- > >>> To unsubscribe, e-mail: [EMAIL PROTECTED] > >>> For additional commands, e-mail: [EMAIL PROTECTED] > >>> > >>> > >>> > >>> -- > >>> Message scanned for all known viruses by Mailsauce. Email protection > >>> solutions from E-Sauce. For more information please visit > >>> http://www.mailsauce.com > >>> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > >> > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > -- > > Message scanned for all known viruses by Mailsauce. Email protection > > solutions from E-Sauce. For more information please visit > > http://www.mailsauce.com > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
