From: Tebano epaminonda [mailto:l_epa_m_ino...@hotmail.com] Sent: June 12, 2009 9:18 AM To: support@pfsense.com Subject: RE: [pfSense Support] Multiwan suggestions before v. 2.0 ...
> Date: Fri, 12 Jun 2009 09:03:45 -0400 > From: evgeny.yurche...@frontline.ca > To: support@pfsense.com > Subject: RE: [pfSense Support] Multiwan suggestions before v. 2.0 ... > > From: Tebano epaminonda [mailto:l_epa_m_ino...@hotmail.com] > Sent: June 12, 2009 4:11 AM > To: support@pfsense.com > Subject: RE: [pfSense Support] Multiwan suggestions before v. 2.0 ... > > > > > Date: Thu, 11 Jun 2009 13:43:31 -0400 > > From: evgeny.yurche...@frontline.ca > > To: support@pfsense.com > > Subject: RE: [pfSense Support] Multiwan suggestions before v. 2.0 ... > > > > From: Webmaster Megastar [mailto:webmas...@megastar.fr] > > Sent: June 11, 2009 2:35 AM > > To: support@pfsense.com > > Subject: Re: [pfSense Support] Multiwan suggestions before v. 2.0 ... > > > > There is a bug when you want to setup multiwan + load balancing + carp. The > > development team is aware of this. It seems there's a problem with > > broadcasting. See this topic for more : > > http://forum.pfsense.org/index.php/topic,16566.0.html > > > > Chris Buechler a écrit : > > On Wed, Jun 10, 2009 at 10:03 AM, Tebano > > epaminonda<l_epa_m_ino...@hotmail.com> wrote: > > > > > > I've 2 isp with 2 different IP and routers. > > So I've configured 2 pfsense in load balance and with carp between them > > (internal and external, so I always has a single IP to manage with routes > > and nats). > > All works perfectly, if all ISP are working, or if I detach the WAN2-isp > > connection. > > > > But if I try to detach the first one, no-one is able to connect to the > > external of pfsense; > > the same pfsenses aren't able to connect to the internet. > > > > I see (correctly!), into the "load balance" status that only half of > > monitored IP are reachble, but if I try to traceroute them, or something > > else, connection fails. > > > > > > > > You have something wrong with your policy routing rules, or something. > > Traffic from the firewall itself will not follow those rules, and will > > be down when your WAN is down. Generally that's no big deal as nothing > > is initiated from the firewall other than traffic that you direct > > appropriately via static routes (DNS servers). > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > > For additional commands, e-mail: support-h...@pfsense.com > > > > Commercial support available - https://portal.pfsense.org > > > > ---------------------------------------------------- > > This bug has nothing to do with described problem. > > > > Eugene. > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > > For additional commands, e-mail: support-h...@pfsense.com > > > > Commercial support available - https://portal.pfsense.org > > Hi Eugene. > There's some link where I can see a bug description? > And, do You suggest me to retry the join of the carp after discovered which > was the original problem was locking me, or it's the case to wait anyway for > stable 1.2.3 release? > Thanks. > Cheers, Tebano. > > ________________________________________ > See all the ways you can stay connected to friends and family > > Hi Tebano! Megastar quoted the link but again I do not think this is your > problem. You apparently misconfigured "policy based routing" and as I > understand you've solved your problem, didn't you? > If no then post your pfctl -sr | grep <lan interface name> > Eugene > > --------------------------------------------------------------------- > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org --- Hi Eugene. Yes, You're right. I've now solved my initial misconfiguration, but during this process, I've removed also the carp. So, the reason for which I'm asking more info about the issue is just related to my fear to re-introduce the original configuration, without know which are the risks... I've read about a possible "broadcast storm"... It doesn't sound "relaxing"... What do You suggest me? Thanks a lot. Cheers, Tebano. ________________________________ Invite your mail contacts to join your friends list with Windows Live Spaces. It's easy! Try it! <http://spaces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&mkt=en-us> 'Broadcast storm' is coming from loadbalancer not from carp. I've seen that it is fixed in latest releases though did not have time to test it. If you know what WAS your problem and how you DID fix it then you can safely introduce carp. Eugene.
