Date: Fri, 28 Dec 2018 18:39:25 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 234472] Missing outgoing CARP traffic on interface Message-ID: <bug-234472-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=234472 Bug ID: 234472 Summary: Missing outgoing CARP traffic on interface Product: Base System Version: 11.2-RELEASE Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: pgadmin@pse-consulting.de For quite a while (I think it started with 10.x) I have a CARP problem with a pair of opnSense routers. No one could help over there, so I'm posting here. The router pair was running for some years correctly with ~20 vifs on 4 interfaces. After an update (incl kernel), things went wrong: the backup machine turned to CARP master on the wan interface ix4, other interfaces remained backup, with the master machine having all interfaces as carp master. The result wasn't healthy, no surprise. Debugging using tcpdump, I found that the backup router didn't receive any carp announcements on the wan interface, until I disabled the firewall (pfctl -d) on the master (!) completely. Obviously, pf is filtering the outgoing carp traffic on the master, but I couldn't find any configuration that would do so. Even a "pass out quick on ix4 proto carp from {any} to {any}" as first filter rule didn't help. Any helpful hints? -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-234472-227>