As these are live servers, the maximum time i have waited is 5 to 10 minutes before powering on the main firewall again. As the switches are only semi-manageable, i have not thought about looking at the arp tables there, will do that and report my findings. However, the switches have been power-cycled after configuring the carp-interfaces, yes. No spanning tree is configured on the switches.
Jo L Paulsen [EMAIL PROTECTED] Cellphone: (+47) 909 86 174 ---------------------------------------------------------------- Cleverly Disguised As A Responsible Adult ---------------------------------------------------------------- "The 'Net is a waste of time, and that's exactly what's right about it." - William Gibson ----- Original Message ----- From: Paul Mansfield [mailto:[EMAIL PROTECTED] To: support@pfsense.com Subject: Re: [pfSense Support] PFsense cluster trouble > jo Leander Paulsen wrote: > > If i take down the master firewall (simpy turning it off, this is doen as > a check of failover), then strange things happens. The VPN still works fine, > i can ping the branch office from a server inside the firewall. > > if you wait long enough for arp caches in your switches to expire, does > the slave start working normally? > > have you tried power cycling the switches so that they can't have been > confused by the shared mac? > > if they're managed, can you check the mac tables, and do you have > spanning tree on? > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
