There's no reason it couldn't. All that is necessary is to either change the RFC or break it...There are definitely times where pinging the VIP would be very useful.
-PaulK
*********************************************
Paul Keser
Network Security Engineer
[EMAIL PROTECTED]
tel: 415.351.4037
fax: 415.474.6017
ShopExpert.com
1375 Sutter Street, Suite 400
San Francisco, CA 94109
*********************************************
> Well we're in the realms of academic discussion here,
> but since it's
> pertinent to fw-1 (sort-of), I'll continue. In an MC setup,
> say you have a
> primary and a secondary firewall participating in VRRP across the same
> subnet. The primary firewall will effectively "own" or handle all ARP
> requests for the virtual IP, it routes all traffic for the
> VIP, so why can't
> it respond to pings?
