On Mon, Sep 8, 2008 at 2:11 PM, Henning Brauer <[EMAIL PROTECTED]> wrote:
> phew. didnt mean to scare you with a false alarm... just thought that line was funny when i came across it... > > session staying in Active is not an error. it waits for the connection > from the other side. it seems to wait indefinitely which is problematic... maybe there could be something else wrong. > if it is configured passive it will stay in > Active until there is a connection and never try itself. and i seem to > remember sth with passve in the carp and depend case, but it's been a > while that i touched that code. I don't have any passive directives on any of the systems involved so I would imagine that the firewalls would be triggered to initiate the tcp connection to its peers as soon as it realizes the carp interface is now master. maybe im wrong here? > now that i rewrote the timers stuff i > could actually finally kill the little ugliness involved with it now. > if i just find time :) > any suggestions for a workaround in the meantime? > > * [EMAIL PROTECTED] <[EMAIL PROTECTED]> [2008-09-08 22:39]: > > no, i dont actually see that message, but just came across it in the > source > > looking for answers... > > > > On Mon, Sep 8, 2008 at 6:10 AM, Henning Brauer <[EMAIL PROTECTED]> > wrote: > > > > > do you actually see the "Kinf Bula..." error message?! > > > > > > * [EMAIL PROTECTED] <[EMAIL PROTECTED]> [2008-09-06 03:03]: > > > > When I failover two openbsd 4.3 firewalls running bgp with the depend > on > > > > carp directive, there are certain times where the bgp state seems to > get > > > > stuck in an Active state and stays in that state in what seems an > > > indefinate > > > > amount of time, although I have only waited up to about 5 minutes in > one > > > > case for any timers to expire but they never did. Other times the > > > failover > > > > is clean and the bgp session is established almost instantaneously > and > > > > routes are propogated both ways almost immediately which is what I > need > > > to > > > > happen whenever I decide to failover the firewalls. Logs dont reveal > much > > > > insight and packet captures have revealed some RST packets being sent > to > > > the > > > > OPEN messages but Im not sure exactly why that is? Any help resolving > > > this > > > > would be appreciated? > > > > > > > > > > -- > > > Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] > > > BS Web Services, http://bsws.de > > > Full-Service ISP - Secure Hosting, Mail and DNS Services > > > Dedicated Servers, Rootservers, Application Hosting - Hamburg & > Amsterdam
