Re: [pfSense Support] CARP IP Not Registering MAC Address or Switch Disregarding CARP MAC Address -- Maybe???

2011-03-11 Thread Vaughn L. Reid III



On 2/10/2011 7:58 PM, Vaughn L. Reid III wrote:



On 2/10/2011 7:30 PM, Moshe Katz wrote:
Is your ISP Verizon? We have had many ARP issues with Verizon FIOS.
For our pfSense box to get all of our IPs, we have to manually set
each of the IPs as the WAN IP (one by one), then set up the Virtual
IP settings after we do that.


Moshe

--
Moshe Katz
-- mo...@ymkatz.net
-- +1(301)867-3732



On Thu, Feb 10, 2011 at 7:19 PM, Vaughn L. Reid III
vaughn_reid_...@elitemail.org wrote:




On 2/10/2011 12:57 PM, Evgeny Yurchenko wrote:

On 11-02-10 11:07 AM, Vaughn L. Reid III wrote:



On 2/10/2011 10:42 AM, Vaughn L. Reid III wrote:



On 2/10/2011 9:32 AM, Vaughn L. Reid III wrote:

On 2/10/2011 2:43 AM, Seth Mos wrote:

On 10-2-2011 4:18, Vaughn L. Reid III wrote:




1. All the Master and backup status notifications in the web interface
   on both PFSense boxes show the correct status
2. I'll do a packet capture tomorrow and see if the carp-heartbeat
   shows up

I was unaware that any Carp related traffic passed between any of the
interfaces except the one designated as the synchronization interface.
I need to double-check the multi-cast configuration on the switch
tomorrow also (I think I have multi-cast enabled on the switch, but
need to confirm that).


Yes, some switches support multicast filtering, I know from experience
with HP switches that it works with the setting on. So I know they
have it implemented correctly. This way not all switch ports get the
carp traffic unless they participate in the multicast group. This cuts
down on broadcast a lot.

I recommend the HP switches, they have never given me any grief as
long as I've worked with them. I even have a carp cluster spanning 2
buildings across the street over a fiber connection. It just works.

If you need a managed switch on a budget I can confirm that the HP
Procurve 1810-8G works well. It's web managed, supports vlans and
basic traffic counters. It is also fanless.

The smallest I have in use on a carp cluster is a Procurve 2650 in
combination with a 2900-48G. The biggest I have is a 8212zl. Do note
that the software in the 1810 differs a lot from the other managed
switches.

Regards,

Seth


-
To unsubscribe, e-mail:
support-unsubscr...@pfsense.com
mailto:support-unsubscr...@pfsense.com
For additional commands, e-mail:
support-h...@pfsense.com
mailto:support-h...@pfsense.com

Commercial support available -
https://portal.pfsense.org



I've run a packet capture and here are the results:

1. Capture shows a bunch of VRRP announcements from the primary
   firewall to destination 224.0.0.18. The destination confirms this
   is a multicast address I believe. According to Wikipedia, VRRP and
   CARP share the same protocol number. So, I believe that these are
   CARP announcements.

2. All the VRRP requests had a vrrp.prio value of 0 with a description
   of Priority: 0 (Current Master has stopped participating in VRRP)

3. Over a 114 second capture, there were no VRRP announcements from
   the secondary firewall.

4. There were lots of ARP broadcast requests from the secondary
   firewall asking for who has the IP of the default gateway. There
   were 0 ARP requests from the primary firewall during the capture
   period.
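
Added example (not part of the original thread, and not pfSense or Wireshark code): CARP and VRRPv2 share IP protocol 112 and the same first octet, so the byte a VRRP dissector labels Priority sits where CARP carries advskew, and only the payload length tells the two apart. The field layouts follow RFC 3768 and the BSD struct carp_header; the function names and sample payloads are constructed for illustration.

```python
import struct

# Field layouts: VRRPv2 per RFC 3768, CARP per the BSD struct carp_header.
# Both ride on IP protocol 112 to 224.0.0.18 and start with version/type.
CARP_LEN = 36       # 8-byte fixed part + 8-byte counter + 20-byte SHA-1 HMAC
CARP_AUTHLEN = 7    # counter + HMAC, counted in 32-bit words

def decode_first_octets(payload: bytes) -> dict:
    """Read the first 8 bytes of a protocol-112 payload under both layouts."""
    if len(payload) < 8:
        raise ValueError("need at least 8 bytes of protocol-112 payload")
    vt, b1, b2, b3, b4, b5, cksum = struct.unpack("!BBBBBBH", payload[:8])
    return {
        "version": vt >> 4, "type": vt & 0x0F, "checksum": cksum,
        "vrrp": {"vrid": b1, "priority": b2, "count_ip": b3,
                 "auth_type": b4, "adver_int": b5},
        "carp": {"vhid": b1, "advskew": b2, "authlen": b3,
                 "pad1": b4, "advbase": b5},
    }

def classify(payload: bytes) -> str:
    """Tell CARP from VRRPv2 by length, which the shared header cannot do."""
    f = decode_first_octets(payload)
    if (f["version"], f["type"]) != (2, 1):
        return "unknown"
    if len(payload) == CARP_LEN and f["carp"]["authlen"] == CARP_AUTHLEN:
        return "carp"
    # VRRPv2: 8-byte header + 4 bytes per address + 8 bytes of auth data
    if len(payload) == 16 + 4 * f["vrrp"]["count_ip"]:
        return "vrrp"
    return "unknown"

def _hdr(b1, b2, b3, b4, b5):
    """Pack the shared 8-byte header: version 2, type 1, zero checksum."""
    return struct.pack("!BBBBBBH", 0x21, b1, b2, b3, b4, b5, 0)

# Constructed samples (checksums and HMAC zeroed, not captured traffic).
CARP_MASTER = _hdr(1, 0, 7, 0, 1) + bytes(28)      # advskew 0
CARP_BACKUP = _hdr(1, 100, 7, 0, 1) + bytes(28)    # advskew 100
VRRP_RESIGN = _hdr(1, 0, 1, 0, 1) + bytes([192, 0, 2, 1]) + bytes(8)

if __name__ == "__main__":
    for name, pkt in [("carp master", CARP_MASTER), ("carp backup", CARP_BACKUP),
                      ("vrrp prio 0", VRRP_RESIGN)]:
        f = decode_first_octets(pkt)
        print(name, classify(pkt), "vrrp.prio =", f["vrrp"]["priority"],
              "carp.advskew =", f["carp"]["advskew"])
```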


Re: [pfSense Support] IP Routing

2011-03-11 Thread Anthony Saenz

Hi Moshe,

Thanks for the help but am I doing something wrong? I'm testing pfsense 
and your method works if I set the redirect target IP to the pfsense box 
but not the server I actually want to point it at (it just doesn't 
respond at all). Do I need to change anything on the server or some kind 
of log I can see of why it's not reaching the destination I put in?


Thanks again.

On 3/10/11 7:44 PM, Moshe Katz wrote:

Hi,

The way I understood it, you are trying to redirect INTERNAL computers 
that try to access 74.125.224.214 to your server but allow your server 
access to that IP.


There is no easy way to do this in 1.2.x.  However, in 2.0, you should 
be able to do this with Port Forwarding.  Try a Port Forward Rule 
similar to the following:


* Interface: LAN
* Source: NOT Your Server IP
* Dest: 74.125.224.214
* Dest. Port Range: an alias that contains 80 and 443
* Redirect Target IP: Your Server IP
* Redirect Target Port: Same alias as above


Moshe

--
Moshe Katz
-- mo...@ymkatz.net
-- +1(301)867-3732



On Thu, Mar 10, 2011 at 8:44 PM, Anthony Saenz
anth...@consumertrack.com wrote:


Hi,

I'm new to pfsense and so far haven't found a way to do the following:

I'm trying to route traffic on ports 80/443 going to a public IP
(in this case let's say 74.125.224.214) to a box we have
internally here in the office but if that box itself tries to hit
the IP, allow it to pass through to the intended destination. Is
this at all possible or is there another medium that would allow
me to do this?

Thanks!







Re: [pfSense Support] IP Routing

2011-03-11 Thread Chris Buechler
On Thu, Mar 10, 2011 at 8:44 PM, Anthony Saenz
anth...@consumertrack.com wrote:
 Hi,

 I'm new to pfsense and so far haven't found a way to do the following:

 I'm trying to route traffic on ports 80/443 going to a public IP (in this
 case let's say 74.125.224.214) to a box we have internally here in the
 office but if that box itself tries to hit the IP, allow it to pass through
 to the intended destination. Is this at all possible or is there another
 medium that would allow me to do this?


Options here:
http://doc.pfsense.org/index.php/Why_can%27t_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks%3F
