Hi, Gary, thanks for your answer.
I can confirm that all the CARP VIP being create are part inside our WAN Subnet. Actually once the system becomes available again after 3 or 4 minutes (I don't know what the box is actually doing), all the CARP VIP including the new one work and synchronization to the backup pfSense completes. Regards, -----Original Message----- From: Gary Buckmaster [mailto:[EMAIL PROTECTED] Sent: 28 May 2008 14:36 To: [email protected] Subject: Re: [pfSense Support] System unresponsive when creating CARP Virtual IPs. Jose Hernandez wrote: > > Hi there, > > I'm using pfSense 1.2-RELEASE, my problem is that when I create a CARP > Virtual IP, the firewall becomes unresponsive. Is this something > someone else has experienced? Is there any workaround? > > I don't know if related but in the system logs I see the below lines > which > > May 27 14:19:48 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX > (!AF_LINK) > > May 27 14:19:48 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX > (!AF_LINK) > > May 27 14:19:48 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX > (!AF_LINK) > > May 27 14:19:48 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX > (!AF_LINK) > > May 27 14:19:48 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX > (!AF_LINK) > > May 27 14:19:48 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX > (!AF_LINK) > > May 27 14:19:48 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX > (!AF_LINK) > > May 27 14:19:48 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX > (!AF_LINK) > > May 27 14:19:48 kernel: arp_rtrequest: bad gateway 10.200.0.1 (!AF_LINK) > > May 27 14:16:20 php: : XMLRPC sync successfully completed with > http://192.168.0.2:80. > > May 27 14:16:20 php: : Beginning XMLRPC sync to http://192.168.0.2:80. > > May 27 14:16:19 check_reload_status: reloading filter > > May 27 14:16:18 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX > (!AF_LINK) > > May 27 14:16:10 kernel: arp_rtrequest: bad gateway 85.XXX.XXX.XXX > (!AF_LINK) > > I would appreciate if anyone can look into this and advise. > > Thanks, > Any chance you added a CARP VIP that is not a part of the logical subnet attached to that interface? IE: a public-facing IP address that is not part of your WAN subnet? This shouldn't be possible to do in the 1.2-release webGUI, and it will absolutely break your box if you manage it. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
