On Sat, Jul 2, 2011 at 4:34 AM, Shibashish wrote:
> Hi,
>
> What is the average time for the carp failover to kick in... i.e. how
> much time does it take for the "backup" to become "master" and start
> serving requests and vice versa?
Immediate if it's expected (i.e. you reboot the master), 1-2
I think we're discussing timeouts related to OSI levels 2 or 3. A
physical disconnect is of course immediate, but i think other factors
should be considered, like watchdog style errors, ping timeouts, and
transport layer failures.
I hope we can document points of failure and expected delays for
What is the average time for the carp failover to kick in... i.e. how
much time does it take for the "backup" to become "master" and start
serving requests and vice versa? Is the timing parameter configurable?
I have both the WAN and LAN gw as carp ip.
I as a human have never been faster then th
Hi,
What is the average time for the carp failover to kick in... i.e. how
much time does it take for the "backup" to become "master" and start
serving requests and vice versa? Is the timing parameter configurable?
I have both the WAN and LAN gw as carp ip.
Version2.0-RC1 (i386)
built on Thu Mar 1
On 2/10/2011 7:58 PM, Vaughn L. Reid III wrote:
On 2/10/2011 7:30 PM, Moshe Katz wrote:
Is your ISP Verizon? We have had many ARP issues with Verizon FIOS.
For our pfSense box to get all of our IPs, we have to manually set
each of the IPs as the WAN IP (one by one), then set up the Virtua
On 2/10/2011 7:30 PM, Moshe Katz wrote:
Is your ISP Verizon? We have had many ARP issues with Verizon FIOS.
For our pfSense box to get all of our IPs, we have to manually set
each of the IPs as the WAN IP (one by one), then set up the Virtual IP
settings after we do that.
Moshe
-
Is your ISP Verizon? We have had many ARP issues with Verizon FIOS. For
our pfSense box to get all of our IPs, we have to manually set each of the
IPs as the WAN IP (one by one), then set up the Virtual IP settings after we
do that.
Moshe
--
Moshe Katz
-- mo...@ymkat
On 2/10/2011 12:57 PM, Evgeny Yurchenko wrote:
On 11-02-10 11:07 AM, Vaughn L. Reid III wrote:
On 2/10/2011 10:42 AM, Vaughn L. Reid III wrote:
On 2/10/2011 9:32 AM, Vaughn L. Reid III wrote:
On 2/10/2011 2:43 AM, Seth Mos wrote:
Op 10-2-2011 4:18, Vaughn L. Reid III schreef:
1. Al
On 11-02-10 11:07 AM, Vaughn L. Reid III wrote:
On 2/10/2011 10:42 AM, Vaughn L. Reid III wrote:
On 2/10/2011 9:32 AM, Vaughn L. Reid III wrote:
On 2/10/2011 2:43 AM, Seth Mos wrote:
Op 10-2-2011 4:18, Vaughn L. Reid III schreef:
1. All the Master and backup status notifications in t
On 2/10/2011 10:42 AM, Vaughn L. Reid III wrote:
On 2/10/2011 9:32 AM, Vaughn L. Reid III wrote:
On 2/10/2011 2:43 AM, Seth Mos wrote:
Op 10-2-2011 4:18, Vaughn L. Reid III schreef:
1. All the Master and backup status notifications in the web interface
on both PFSense boxes show the c
On 2/10/2011 9:32 AM, Vaughn L. Reid III wrote:
On 2/10/2011 2:43 AM, Seth Mos wrote:
Op 10-2-2011 4:18, Vaughn L. Reid III schreef:
1. All the Master and backup status notifications in the web interface
on both PFSense boxes show the correct status
2. I'll do a packet capture tomorrow a
On 2/10/2011 2:43 AM, Seth Mos wrote:
Op 10-2-2011 4:18, Vaughn L. Reid III schreef:
1. All the Master and backup status notifications in the web interface
on both PFSense boxes show the correct status
2. I'll do a packet capture tomorrow and see if the carp-heartbeat
shows up
I was unaw
Op 10-2-2011 4:18, Vaughn L. Reid III schreef:
1. All the Master and backup status notifications in the web interface
on both PFSense boxes show the correct status
2. I'll do a packet capture tomorrow and see if the carp-heartbeat shows up
I was unaware that any Carp related traffic passed
On 2/9/2011 10:09 PM, Chris Buechler wrote:
On Wed, Feb 9, 2011 at 8:51 PM, Vaughn L. Reid III
wrote:
My understanding of forwarding also was that address learning is a normal
part of switch operation. But, I find it odd that turning that off lets the
fail-over box ping the CARP IP on the p
On 2/9/2011 9:20 PM, Evgeny Yurchenko wrote:
On 2/9/2011 2:35 PM, e...@tm-k.com wrote:
[snip]
Address Learning enabled on the Switch (default setting):
[snip]
Can you briefly explain what 'address learning' is according to D-Link?
On Wed, Feb 9, 2011 at 8:51 PM, Vaughn L. Reid III
wrote:
> My understanding of forwarding also was that address learning is a normal
> part of switch operation. But, I find it odd that turning that off lets the
> fail-over box ping the CARP IP on the primary box, with address learning on,
> I am
On 2/9/2011 2:35 PM, e...@tm-k.com wrote:
[snip]
Address Learning enabled on the Switch (default setting):
[snip]
Can you briefly explain what 'address learning' is according to D-Link?
-
To unsubscribe, e-mail: support-un
My understanding of forwarding also was that address learning is a
normal part of switch operation. But, I find it odd that turning that
off lets the fail-over box ping the CARP IP on the primary box, with
address learning on, I am unable to do that.
A clarification about the Carp setup -- Ea
On 2/9/11 1:12 PM, Vaughn L. Reid III wrote:
> According to page 15 of the reference manual "address learning" is:
>
> Enable or disable MAC address learning for the selected ports. When
> Enabled, destination and
> source MAC addresses are automatically listed in the forwarding table.
> When addr
According to page 15 of the reference manual "address learning" is:
Enable or disable MAC address learning for the selected ports. When
Enabled, destination and
source MAC addresses are automatically listed in the forwarding table.
When address learning
is Disabled, MAC addresses must be manual
[snip]
> Address Learning enabled on the Switch (default setting):
[snip]
Can you briefly explain what 'address learning' is according to D-Link?
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands,
I've got a PfSense version 1.2.3 cluster at a Public Library customer
connected to 6 WAN links.
The first 5 are connected as VLANS through a TP-Link SL3428 switch then
to an ISP provided Router (4 AT&T ADSL links each with a Netopia ADSL
router and a Fiber Link with a Cisco 2800 series router)
Hello,
I've posted a bug (http://redmine.pfsense.org/issues/1226) but could,
please anyone check if it is reproduceable on your boxes?
Thank you,
st41ker
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additiona
I've updated bug 1072 (http://redmine.pfsense.org/issues/1072)
According to packet dump
carp vhid=1
192.168.252.254 > 224.0.0.18: VRRPv2, Advertisement, vrid 1, prio 0,
authtype #128, intvl 1s, length 36, addrs(7):
107.95.16.142,89.11.4.1,28.106.118.248,149.43.12.212,148.195.215.246,252.189.
Hello,
Is there is any update on the issue?
On 11.12.2010 12:30, st41...@st41ker.net wrote:
Hello,
Understood. The requested changes has been made and the result is the
same.
Please, clarify, what exactly statistics do you need?
Here is complete output of netstat -ss
#uptime; netstat -ss
12:
Hello,
Understood. The requested changes has been made and the result is the
same.
Please, clarify, what exactly statistics do you need?
Here is complete output of netstat -ss
#uptime; netstat -ss
12:28PM up 33 mins, 2 users, load averages: 0.23, 0.23, 0.11
tcp:
14643 packets sent
Can you please try this change:
diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize
index 0a8316b..7bece74 100755
--- a/etc/rc.filter_synchronize
+++ b/etc/rc.filter_synchronize
@@ -66,7 +66,7 @@ function backup_vip_config_section() {
}
if($section['ad
Hello,
It seems like this question should be addressed to the pfSense kernel
maintainer(s).
I've two firewalls on 2.0-BETA4 with CARP enabled. Until the recent
upgrade everything worked almost perfect.
Now both routers got all CARP devices in MASTER state.
Firewall 1:
vip6: flags=49 metric
>On Mon, Nov 15, 2010 at 9:57 PM, Evgeny Yurchenko
wrote:
>>
>> I do not know a lot about Hyper-v but in VMWare for instance you can
>> block frames with 'faked' mac-addresses. Probably you hit the same
>> problem as CARP-packets have MAC-addresses 'not real' but specifically
crafted.
>
>I'm sur
On Mon, Nov 15, 2010 at 9:57 PM, Evgeny Yurchenko wrote:
>
> I do not know a lot about Hyper-v but in VMWare for instance you can block
> frames with 'faked' mac-addresses. Probably you hit the same problem as
> CARP-packets have MAC-addresses 'not real' but specifically crafted.
I'm sure that's
On 10-11-16 12:19 PM, Dimitri Rodis wrote:
On 10-11-15 09:22 PM, Dimitri Rodis wrote:
I recently migrated a pfSense virtual machine (version 1.2.2) that was
running flawlessly on Hyper-V (first release) with 2 additional CARP
IP addresses on the WAN interface for about 16 months. Over the
we
On 10-11-15 09:22 PM, Dimitri Rodis wrote:
I recently migrated a pfSense virtual machine (version 1.2.2) that was
running flawlessly on Hyper-V (first release) with 2 additional CARP IP
addresses on the WAN interface for about 16 months. Over the weekend, I
migrated that virtual machine over t
On 10-11-15 09:22 PM, Dimitri Rodis wrote:
I recently migrated a pfSense virtual machine (version 1.2.2) that was
running flawlessly on Hyper-V (first release) with 2 additional CARP
IP addresses on the WAN interface for about 16 months. Over the
weekend, I migrated that virtual machine over
I recently migrated a pfSense virtual machine (version 1.2.2) that was
running flawlessly on Hyper-V (first release) with 2 additional CARP IP
addresses on the WAN interface for about 16 months. Over the weekend, I
migrated that virtual machine over to a Hyper-V R2 machine, and all was well
except
On 10/28/2010 3:22 PM, Gerald Waugh wrote:
> Appears to be ongoing expense to have to get another subnet from ISP.
> We have a /24 now and the servers use this,
> We use bridging to get them through the pfsense firewall, and works great.
> Just looking for the redundancy carp provides.
Yes, but th
On Thu, 2010-10-28 at 14:34 -0400, Jim Pingle wrote:
> On 10/28/2010 1:43 PM, David Burgess wrote:
> > On Thu, Oct 28, 2010 at 11:35 AM, Gerald Waugh
> > wrote:
> >
> >> We use bridging as the pfsense machine firewalls servers with public IP
> >> addresses. Clues on how to accomplish with routi
On 10/28/2010 1:43 PM, David Burgess wrote:
> On Thu, Oct 28, 2010 at 11:35 AM, Gerald Waugh
> wrote:
>
>> We use bridging as the pfsense machine firewalls servers with public IP
>> addresses. Clues on how to accomplish with routing appreciated.
>
> You have a public subnet from your ISP, 1.1.1.
On Thu, 2010-10-28 at 11:43 -0600, David Burgess wrote:
> On Thu, Oct 28, 2010 at 11:35 AM, Gerald Waugh
> wrote:
>
> > We use bridging as the pfsense machine firewalls servers with public IP
> > addresses. Clues on how to accomplish with routing appreciated.
>
> You have a public subnet from y
On Thu, Oct 28, 2010 at 11:35 AM, Gerald Waugh
wrote:
> We use bridging as the pfsense machine firewalls servers with public IP
> addresses. Clues on how to accomplish with routing appreciated.
You have a public subnet from your ISP, 1.1.1.0/24, for example.
You get a static IP from your ISP th
On Thu, 2010-10-28 at 12:48 -0400, Jim Pingle wrote:
> On 10/28/2010 12:25 PM, Gerald Waugh wrote:
> > We desire to add carp to our current pfsense firewall
> > Purchased a second server for the slave/secondary
> >
> > Currently bridging the WAN/Opt(Servers) interfaces on the master/primary
> > U
On 10/28/2010 12:25 PM, Gerald Waugh wrote:
> We desire to add carp to our current pfsense firewall
> Purchased a second server for the slave/secondary
>
> Currently bridging the WAN/Opt(Servers) interfaces on the master/primary
> Using pfsense 1.2.3
>
> Looking for howto links and any other info
We desire to add carp to our current pfsense firewall
Purchased a second server for the slave/secondary
Currently bridging the WAN/Opt(Servers) interfaces on the master/primary
Using pfsense 1.2.3
Looking for howto links and any other info
TIA
--
Gerald
---
On Wed, Oct 27, 2010 at 5:27 AM, Michel Servaes wrote:
> Hi,
>
>
> I was wondering, if I have a fully installed pfSense on a real server
> platform... it would be possible to add an Alix-embedded as backup ?
I've set that up before, works fine.
> I read that when using multiple WAN interfaces, C
Hi,
I was wondering, if I have a fully installed pfSense on a real server
platform... it would be possible to add an Alix-embedded as backup ?
And in the case of hardware failing, it would jump to the Alix (without
packages installed)...
The "real" server, has packages like proxy and so on (tran
Matias wrote:
Hi,
I've an internet connection on which my ISP provides a /29 network,
just one IP for my pfSense (1.2.1) box and on ip for their gateway.
I'd like to set up this IP as CARP and be shared with the second
pfSense box I have, but as far as I understand, in order to have this
IP
Hi,
I've an internet connection on which my ISP provides a /29 network, just
one IP for my pfSense (1.2.1) box and on ip for their gateway.
I'd like to set up this IP as CARP and be shared with the second pfSense
box I have, but as far as I understand, in order to have this IP address
as CAR
On Mon, May 31, 2010 at 5:49 PM, Justin The Cynical
wrote:
> On 5/31/10 1:58 PM, Chris Buechler wrote:
>
> *snip*
>
>>>
>>> The port forward to .65 works, but the .69 does not. If the machines
>>> failover (.69 becomes the active machine), the forward for .69 works,
>>> but the .65 does not. Whe
On 5/31/10 1:58 PM, Chris Buechler wrote:
*snip*
>>
>> The port forward to .65 works, but the .69 does not. If the machines
>> failover (.69 becomes the active machine), the forward for .69 works,
>> but the .65 does not. When .65 comes back up as the active box, the
>> forward on .69 stops wor
On 5/31/10 1:43 PM, Dimitri Rodis wrote:
> If the port forwards are on the WAN addresses themselves, to my knowledge
> they will not fail over. My understanding is that all "addresses" (and port
> forwards) that you intend to survive a failover must be on CARP addresses.
>
> Dimitri Rodis
> Integr
On Mon, May 31, 2010 at 1:56 AM, Justin The Cynical
wrote:
> Greetings.
>
> I finally set up a failover box for CARP. And so far, everything seems
> to be working fine, with one minor detail.
>
> WAN IP range: .65 - .96
>
> .66 - .68 are setup as CARP
> .65 and .69 are the WAN interfaces
> Port f
-
From: Justin The Cynical [mailto:cyni...@penguinness.org]
Sent: Sunday, May 30, 2010 10:56 PM
To: support@pfsense.com
Subject: [pfSense Support] CARP and NAT problems
Greetings.
I finally set up a failover box for CARP. And so far, everything seems to
be working fine, with one minor detai
Greetings.
I finally set up a failover box for CARP. And so far, everything seems
to be working fine, with one minor detail.
WAN IP range: .65 - .96
.66 - .68 are setup as CARP
.65 and .69 are the WAN interfaces
Port forwards on .65 and .69
The problem:
When this was a single machine, I had p
Hello Evgeny,
On Mon, Nov 16, 2009 at 17:31, Evgeny Yurchenko wrote:
> Could you explain how it works please? I have no questions about
> active(CARP) one but what about passive? bgpd on passive one will be
> continuously trying to connect to peer... using what source IP?
The key is to use "loca
Aarno Aukia wrote:
Hello,
On Sat, Nov 14, 2009 at 03:36, Chris Buechler wrote:
On Fri, Nov 13, 2009 at 9:13 PM, Glenn Kelley wrote:
Am I correct in assuming that CARP and BGP cannot work together - as CARP
pushes private ip addresses ?
CARP doesn't push private IPs, not sure
On Sat, Nov 14, 2009 at 4:53 AM, Aarno Aukia wrote:
> We have this running in prodution, feel free to contact me off-list for
> details.
>
Can people contribute these sample configurations for "how do I X" to
the wiki? Having a lot of recipes on how to accomplish various
scenarios is key to inc
Hello,
On Sat, Nov 14, 2009 at 03:36, Chris Buechler wrote:
> On Fri, Nov 13, 2009 at 9:13 PM, Glenn Kelley wrote:
>> Am I correct in assuming that CARP and BGP cannot work together - as CARP
>> pushes private ip addresses ?
>>
>
> CARP doesn't push private IPs, not sure what you mean by that, b
On Fri, Nov 13, 2009 at 9:13 PM, Glenn Kelley wrote:
> Am I correct in assuming that CARP and BGP cannot work together - as CARP
> pushes private ip addresses ?
>
CARP doesn't push private IPs, not sure what you mean by that, but it
can work just the same as anything with public IPs. Though there
Am I correct in assuming that CARP and BGP cannot work together - as
CARP pushes private ip addresses ?
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Comme
Chris Buechler wrote:
On Fri, Nov 13, 2009 at 4:31 PM, Evgeny Yurchenko wrote:
If I pay for support would somebody be able to login and see what is going
on here?
Sure, absolutely.
Paid. Should we proceed off list?
Thanks.
---
Chris Buechler wrote:
On Fri, Nov 13, 2009 at 4:31 PM, Evgeny Yurchenko wrote:
If I pay for support would somebody be able to login and see what is going
on here?
Sure, absolutely.
BTW https://portal.pfsense.org/index.php/subscribe-for-access does not
look nice in IE.
On Fri, Nov 13, 2009 at 4:31 PM, Evgeny Yurchenko wrote:
>
> If I pay for support would somebody be able to login and see what is going
> on here?
>
Sure, absolutely.
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For
Evgeny Yurchenko wrote:
Jim Pingle wrote:
Evgeny Yurchenko wrote:
Yesterday it happened twice on one of my production firewalls. CPU load
was less than 10%. Did not pay attention at the moment but accoring to
RRD number of states was not unusual - 4-5k. I reproduced it in my
lab -
only test
Ermal Luçi wrote:
On Fri, Oct 16, 2009 at 6:21 PM, Roberto Greiner wrote:
Hi,
I'm having trouble making captive portal and CARP work togheter.
I've set CARP to use the WAN interface for synchronization, and it works
fine.
Problem is, the moment I enable Captive Portal, the LAN Virtual IP
On Fri, Oct 16, 2009 at 6:21 PM, Roberto Greiner wrote:
> Hi,
>
> I'm having trouble making captive portal and CARP work togheter.
>
> I've set CARP to use the WAN interface for synchronization, and it works
> fine.
>
> Problem is, the moment I enable Captive Portal, the LAN Virtual IP dies out
>
Might be a long shot, but check your subnet mask for the CARP. I've
seen odd things happend when that is not correct.
Curtis LaMasters
http://www.curtis-lamasters.com
http://www.builtnetworks.com
On Mon, Oct 19, 2009 at 9:33 AM, Roberto Greiner wrote:
> Hi,
>
> no one with ideas about this?
>
Hi,
no one with ideas about this?
Roberto
Roberto Greiner wrote:
Hi,
I'm having trouble making captive portal and CARP work togheter.
I've set CARP to use the WAN interface for synchronization, and it
works fine.
Problem is, the moment I enable Captive Portal, the LAN Virtual IP
dies out
Jim Pingle wrote:
Evgeny Yurchenko wrote:
Yesterday it happened twice on one of my production firewalls. CPU load
was less than 10%. Did not pay attention at the moment but accoring to
RRD number of states was not unusual - 4-5k. I reproduced it in my lab -
only test connection, so number of
Hi,
I'm having trouble making captive portal and CARP work togheter.
I've set CARP to use the WAN interface for synchronization, and it works
fine.
Problem is, the moment I enable Captive Portal, the LAN Virtual IP dies
out (stops pinging), and the whole setup stops working. I've tried
addi
Evgeny Yurchenko wrote:
> Yesterday it happened twice on one of my production firewalls. CPU load
> was less than 10%. Did not pay attention at the moment but accoring to
> RRD number of states was not unusual - 4-5k. I reproduced it in my lab -
> only test connection, so number of states was less
On Thu, Oct 8, 2009 at 12:51 PM, Evgeny Yurchenko wrote:
> Yes, sorry. It was about 100Mb/s
During heavy load what does this sysctl show?
sysctl net.inet.ip.intr_queue_drops
Scott
-
To unsubscribe, e-mail: support-unsubscr...@
Scott Ullrich wrote:
On Thu, Oct 8, 2009 at 11:42 AM, Evgeny Yurchenko wrote:
Thanks I will. 20 Mbit/s is nothing though...
I agree but you failed to mention how much traffic you are pushing.
Scott
Yes, sorry. It was about 100Mb/s
On Thu, Oct 8, 2009 at 11:42 AM, Evgeny Yurchenko wrote:
> Thanks I will. 20 Mbit/s is nothing though...
I agree but you failed to mention how much traffic you are pushing.
Scott
-
To unsubscribe, e-mail: support-unsubscr...@pf
Scott Ullrich wrote:
On Thu, Oct 8, 2009 at 11:24 AM, Evgeny Yurchenko wrote:
Yesterday it happened twice on one of my production firewalls. CPU load was
less than 10%. Did not pay attention at the moment but accoring to RRD
number of states was not unusual - 4-5k. I reproduced it in my lab
On Thu, Oct 8, 2009 at 11:24 AM, Evgeny Yurchenko wrote:
> Yesterday it happened twice on one of my production firewalls. CPU load was
> less than 10%. Did not pay attention at the moment but accoring to RRD
> number of states was not unusual - 4-5k. I reproduced it in my lab - only
> test connect
Paul Mansfield wrote:
On 07/10/09 18:47, Evgeny Yurchenko wrote:
Has anybody noticed this behavior?
The simplest set up: two pfSenses with LAN WAN and CARP on both
interfaces (with separate interface for SYNC).
When there is little traffic active pfSense sends CARP packets with
priority 0 every
On 07/10/09 18:47, Evgeny Yurchenko wrote:
Has anybody noticed this behavior?
The simplest set up: two pfSenses with LAN WAN and CARP on both
interfaces (with separate interface for SYNC).
When there is little traffic active pfSense sends CARP packets with
priority 0 every second, everything is o
Has anybody noticed this behavior?
The simplest set up: two pfSenses with LAN WAN and CARP on both
interfaces (with separate interface for SYNC).
When there is little traffic active pfSense sends CARP packets with
priority 0 every second, everything is ok.
Gradually increasing traffic you reach
2009/8/21 Chris Buechler :
> On Fri, Aug 21, 2009 at 5:13 AM, Simon Dick wrote:
>> Are there any plans to get openvpn working well with CARP? I currently
>> have a 2 pfSense CARP setup with VPN access via openvpn for support
>> use, but due to the firewall failover, I have to have 2 openvpn conf
>>
On Fri, Aug 21, 2009 at 5:13 AM, Simon Dick wrote:
> Are there any plans to get openvpn working well with CARP? I currently
> have a 2 pfSense CARP setup with VPN access via openvpn for support
> use, but due to the firewall failover, I have to have 2 openvpn conf
> files to use depending which fir
Are there any plans to get openvpn working well with CARP? I currently
have a 2 pfSense CARP setup with VPN access via openvpn for support
use, but due to the firewall failover, I have to have 2 openvpn conf
files to use depending which firewall is active at the time.
If it's already working, plea
Joseph Hardeman wrote:
> One other question now that I think of it.
>
> Does CARP work between two firewalls that are running in full Bridge
> mode, no NATing done at all, just port blocking on the WAN interface?
> We have two firewalls and I want to make sure any states are kept intact
> on the c
One other question now that I think of it.
Does CARP work between two firewalls that are running in full Bridge
mode, no NATing done at all, just port blocking on the WAN interface?
We have two firewalls and I want to make sure any states are kept intact
on the chance we have to failover to t
On Thu, Apr 9, 2009 at 7:00 PM, Dimitri Rodis
wrote:
> Good deal. I'll go to a later snapshot then.
>
> Are upgrades between snapshots on embedded working at the moment, or should
> I just reflash?
>
Yeah you got hit with the xmlparse.inc issue that was in snapshots for
a couple days. I know CARP
Sent: Thursday, April 09, 2009 11:37 AM
To: support@pfsense.com
Subject: Re: [pfSense Support] CARP Bug in 1.2.3
On Thu, Apr 9, 2009 at 1:57 PM, Dimitri Rodis
wrote:
> The snapshot I'm using is dated April 1.. that's a couple of days after
the
> hackathon, I believe. Any idea when the x
On Thu, Apr 9, 2009 at 1:57 PM, Dimitri Rodis
wrote:
> The snapshot I'm using is dated April 1.. that's a couple of days after the
> hackathon, I believe. Any idea when the xmlparse.inc from HEAD was removed?
You where affected then. It was removed for causing various problems
such as these.
S
@gmail.com]
Sent: Thursday, April 09, 2009 10:17 AM
To: support@pfsense.com
Subject: Re: [pfSense Support] CARP Bug in 1.2.3
On Thu, Apr 9, 2009 at 12:37 PM, Dimitri Rodis
wrote:
> I think this is more obscure than you think-- this is on a snapshot build,
> so how many people have 1) run a 1
On Thu, Apr 9, 2009 at 12:37 PM, Dimitri Rodis
wrote:
> I think this is more obscure than you think-- this is on a snapshot build,
> so how many people have 1) run a 1.2.3 snapshot, 2) _had_ a redundant CARP
> config, and then 3) removed the redundant member and 4) added some Outbound
> NAT rules
ewhere, because like I said, I didn't
dupe the section myself.
Dimitri Rodis
Integrita Systems LLC
-Original Message-
From: Scott Ullrich [mailto:sullr...@gmail.com]
Sent: Thursday, April 09, 2009 8:15 AM
To: support@pfsense.com
Subject: Re: [pfSense Support] CARP Bug in 1.2
On Wed, Apr 8, 2009 at 11:31 PM, Dimitri Rodis
wrote:
> Currently running:
>
> 1.2.3-RC1
> built on Wed Apr 1 16:59:10 EDT 2009
>
>
>
> Changed the CARP config-- had a redundant member that I removed, so I shut
> pfsync off. However, I kept getting messages along the top that XMLRPC sync
> was fai
Currently running:
1.2.3-RC1
built on Wed Apr 1 16:59:10 EDT 2009
Changed the CARP config-- had a redundant member that I removed, so I shut
pfsync off. However, I kept getting messages along the top that XMLRPC sync
was failing. I checked, and it was disabled--so, I unchecked absolutely
ever
Further, CARP doesn't run on a dedicated NIC, pfsync does (and no,
it's not required, however it isn't encrypted or authenticated).
--Bill
Sent from my iPhone
On Mar 18, 2009, at 7:01 PM, Chris Buechler wrote:
On Wed, Mar 18, 2009 at 7:55 PM, Nathan Eisenberg
wrote:
Is there any provisi
On Wed, Mar 18, 2009 at 7:55 PM, Nathan Eisenberg
wrote:
>
> Is there any provision for doing CARP over serial/SLIP, or do I have to have
> a third Ethernet interface?
No, because it wouldn't work unless you have a 512 Kb Internet pipe or
slower. Serial is *way* too slow to sync states with any
Seems like I'm ending up asking a lot of questions here lately.
(Long Version)
I have two servers I want to set up as a CARP cluster. So I did, and that's
working fine. The only issue is that the servers only have 2 NICs. I setup a
VLAN on the LAN interface to function as a temporary CARP int
Hello everybody
I am working with a 2 node failover of 2 pfsense 1.2.2 and it its great!!
It works perfect, but I ask you that if its possible to define upscript
of carp via web interface, or modifying php code.
I think this is a good feature for pfsense 2.0, and in general the
"magic box" o
-Ensure that the admin passwords are the same on both firewalls.
-If you have a dedicated set of NICs for sync traffic, ensure that you
permit this type of traffic.
-Create 2 CARP address (LAN and WAN)
-Enable manual outbound NAT and specify the CARP address is your default
outbound for your inboun
Hello, we just brought up a secondary pfsense firewall, fw02. We are
getting the following error on fw01:
[sync_settings]An error code was received while attempting XMLRPC sync
with username admin http://172.16.4.6:80 - Code 2: Invalid return
payload: enable debugging to examine incoming payl
Bill
Thanks for correcting. I am quite green on this stuff and as they say little
knowledge is dangerous!
Load balance built in is a great idea. I will test that out too...
Bill Marquette <[EMAIL PROTECTED]> wrote: On Tue, Apr 1, 2008 at 9:44 AM, Anil
Garg wrote:
> However most examples are
On Tue, Apr 1, 2008 at 9:44 AM, Anil Garg <[EMAIL PROTECTED]> wrote:
> However most examples are for WAN side traffic and for keeping internet
> alive. I will keep trying to find something that shows how servers can be
> balanced.
If balancing is what you need, then use the load balancer built in
Then David is right, you want load balancing, not CARP high
availability. Look at the pfSense documentation for load balancing.
-Gary
Anil Garg wrote:
Thanks David and Thanks Gary.
I spent a lot of time reading and a few things are somewhat becoming
clear.. CARP uses a trusted (preferably
Thanks David and Thanks Gary.
I spent a lot of time reading and a few things are somewhat becoming clear..
CARP uses a trusted (preferably dedicated) link to send heartbeat signals to
keep who is alive. This common knowledge enables some pfsense to stay inactive
(to either act as dhcp server o
1 - 100 of 301 matches
Mail list logo