I've used carp very successfully in the past, both in the standard mode and ARP load-balancing mode, to build fail-over sets of firewalls. It worked well enough that one of our firewalls was down for a week before we noticed (and none of our clients did). I just did a mock-up of your scenario on a system at home (using the GENERIC kernel), and it seemed to work for me.
I see you have a managed switch; you might see if some features like port security are disabled for that port. > What is even more strange, tcpdump on le0 does not even see ICMP echo > requests addressed to 10.14.134.99. That is strange. You might try "tcpdump -nevvv -i <interface> host 10.14.134.99" on the sending system and see if it's even sending the packets at all. If there's a remote chance that something else is using carp or VRRP on that network, you might try using a different VHID. Hope I can help, Matt Mullins _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
