I have it set to (1) on the promary and (100) on the backup. How high did you set yours?
Jonathan -----Original Message----- From: Jose Quinteiro [mailto:[EMAIL PROTECTED] Sent: 20 September 2008 20:45 To: Jonathan Carter Cc: misc@openbsd.org Subject: Re: Help with CARP I had similar problems with a couple of little Soekris boxes. I solved it by increasing advskew. I think they can't handle the interrupt load at peak times. I'm in the process of replacing them. HTH, Jose. Jonathan Carter wrote: > Hi > > Any ideas with this one please? > > I have 2 openBSD boxes running as pair of firewalls using CARP + PF. > This set up is already working for 12 months. > > Last week I was troubleshooting network problems reported by my > clients and I noticed that several CARP interfaces had failed over. I > checked that there were no more problems with the Primary firewall and > I set the interfaces on the backup firewall back to "BACKUP" and made > sure that the the primary firewall interfaces were all set to "MASTER". > > However I had intermittent timeout problems for the next 24hrs. > Eventually I enabled "loud" debugging on PF and I saw that traffic was > coming through both firewalls evenn though the backup firewall has all > its CARP interfaces set back to "BACKUP". I tried several basic TCP > debugging techniques but in the end I set all of the CARP interfaces on the backup firewall to "down". > > This is where I am at the moment. Can anyone point me in the > direction of how I can investigate this further. I want to bring up > the backup firewall interfaces as soon as possible so that I have my > redundant set up but at the moment I am at a loss to think of what could be wrong. > > The only thing I can think off is that I have accidentally enabled > load balancing - but I have checked the basics from the CARP > documentation and , on the surface it does not look like it. > > I am running "4.1 GENERIC#874 amd64" > > > Regards > > Jonathan
