On Jan 1, 2008 8:14 PM, Vaughn L. Reid III <[EMAIL PROTECTED]> wrote: > I'm writing to report what might, possibly, be an interface name error > between two identical hardware machines running pfsense 1.2RC3 and using > CARP for fault tolerance. > > Here is a listing of the relevant interface names and network card > numbers. All hardware is identical between the two devices and all are > using Intel server network cards. > Machine 1, Carp master, Interface Names: > LAN -- em0 > WAN -- em3 > NETB -- em1 > SYNC -- em5 > DSL -- em4 > > Machine 2, Carp backup, Interface Names: > LAN -- em0 > WAN -- em3 > DSL --- em4 > SYNC -- em5 > NETB -- em1 > > Each interface one each machine can ping the corresponding interface on > the other machine. For example, Machine 1:LAN can ping Machine 2:LAN, > etc. The carp interfaces are directly connected to each other via a > crossover cable and firewall rules on that interface are set to allow > all traffic. > > Here is the problems that I'm noticing: > > On the Outbound NAT page of Machine 2, the Carp backup unit, the > outbound NAT Interface rules that apply for the DSL interface from LAN > and NETB networks show the wrong interface. Specifically, the interface > shown is NETB, instead of DSL. On Machine 1, the Carp master unit, the > correct interface of DSL is shown. In addition, if I manually change > the outbound NAT rules on Machine 2, the next time Carp syncs, the > interfaces switch back to show the incorrect interface. I have > synchronize NAT enabled, so the fact that the manually edited outbound > NAT rule changes is not a surprise. > > While looking at this, I noticed that, on the assign interfaces pages of > the two boxes, the NETB and DSL interface names are switched between the > two boxes but that the actual devices assigned to these two networks are > the same on each box. > > So, my question: Does the order in which interfaces are assigned to an > interface alias matter when using Carp, or is this a bug?
Sounds like you assigned the interfaces in a different order. On your primary box the internal names for each interface are: LAN == lan WAN == wan NETB == opt1 SYNC == opt2 DSL == opt3 On the secondary box the internal names for each interface are: LAN == lan WAN == wan DSL == opt1 SYNC == opt2 NETB == opt3 Problem is that rules are assigned to the pfSense internal name. Not sure whether I'd call it a bug (although it's certainly not great), or a lack of documentation though. --Bill --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
