I am wondering, in a dual firewall situation, preemption enabled, carp
working just fine (i think), is it normal that the backup firewall (when
in backup state) has no connectivity on any of the carped interfaces?
I only ask because I have read some posts where someone is connecting
somewhere, downloading something.. etc.. from the _backup_ firewall.
They didn't say if it was running as the master of the carp interface or
not.
When i try to connect out any of my carp interfaces (or the actual
physical interface for that matter) I get the message:
ping: sendto: Network is unreachable
ping: wrote 10.0.69.41 64 chars, ret=-1
If the answer to the question is "no, you can't connect when the box is
in "backup" state", then all is well.. otherwise, I'll put up if
configs, dmesg etc..
BTW, I did try this with pf enabled and disabled (also did a flush all
after disabling pf) so i don't think pf is an issue here.
Thanks in advance,
Aaron
