Paul Mansfield wrote:
On 07/10/09 18:47, Evgeny Yurchenko wrote:
Has anybody noticed this behavior?
The simplest set up: two pfSenses with LAN WAN and CARP on both
interfaces (with separate interface for SYNC).
When there is little traffic active pfSense sends CARP packets with
priority 0 every second, everything is ok.
Gradually increasing traffic you reach the point when active pfSense
starts sending CARP packets not regularily: 1.5, 2, 3 seconds and
finally stops sending them completely. Of course at this point backup
pfSense kicks in. When you remove traffic former active pfSense does not
restore its active role (does not any CARP packets).
what's the CPU load at that time, and how full is the state table?
Yesterday it happened twice on one of my production firewalls. CPU load
was less than 10%. Did not pay attention at the moment but accoring to
RRD number of states was not unusual - 4-5k. I reproduced it in my lab -
only test connection, so number of states was less than 100.
Evgeny.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
