Date: Fri, 07 Oct 2016 17:48:11 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 213282] FreeBSD 10.2 / Carp / PfSync Message-ID: <bug-213282-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=213282 Bug ID: 213282 Summary: FreeBSD 10.2 / Carp / PfSync Product: Base System Version: 10.2-STABLE Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: kern Assignee: freebsd-bugs@FreeBSD.org Reporter: JeanAumont@gmail.com Hi, I have a 2 FreeBSD 10.2 firewall in a MASTER / BACKUP configuration with around 20 interfaces. All the interfaces on the MASTER have an ADVBASE of 2 and a ADVSKEW of 90. All the interfaces on the BACKUP have an ADVBASE of 2 and a ADVSKEW of 100. Carp preempt is enabled on both firewall. There is a lot of traffic passing on those firewall, around 80000 connections. Our MASTER firewall crash (due to a bad disk controller firmware). The BACKUP firewall became the MASTER, and no traffic was lost. But when the firewall that crash rebooted, it became the MASTER again, and this is when we lost some connections. Is there a SYNC of the PF table between the firewall before a firewall became MASTER again? By looking at the carp code rapidly, I did not see any thing regarding this situation. Thanks, Jean Aumont -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-213282-8>