On 10-11-15 09:22 PM, Dimitri Rodis wrote:
I recently migrated a pfSense virtual machine (version 1.2.2) that was running flawlessly on Hyper-V (first release) with 2 additional CARP IP addresses on the WAN interface for about 16 months. Over the weekend, I migrated that virtual machine over to a Hyper-V R2 machine, and all was well except that the 2 additional CARP IPs do not respond to traffic (although traffic to/from/in/out of the WAN's actual IP works fine). After rebooting nearly every piece of equipment between the servers and the ISP, the only thing that made the CARP IPs work again was migrating the virtual machine back to the original Hyper-V (non-R2) host. Any ideas on why CARP IPs wouldn't work on Hyper-V R2? Is there something since 1.2.2 that might change this? Thanks, Dimitri Rodis Integrita Systems LLC http://www.integritasystems.com I do not know a lot about Hyper-v but in VMWare for instance you can block frames with 'faked' mac-addresses. Probably you hit the same problem as CARP-packets have MAC-addresses 'not real' but specifically crafted. Weird thing though in your e-mail is that you mention only one virtual machine... do you use CARP-IPs with one pfSense? if yes then why would you need such set up? Evgeny. I have several public IPs from the ISP, and need to use each of them for different purposes (SSL/TCP-443 for different sites & services). I use CARP addresses for the rest of the IPs I've been given-then if I get the opportunity to add redundancy, they are already set up that way. Obviously the point is that the additional CARP addresses don't seem to function at all when pfSense is run under Hyper-V R2 as opposed to Hyper-V R1, and I am hoping to resolve that issue so that the old server can be formatted and upgraded and added to the cluster.. FWIW, both hosts are Dell PowerEdge 2900s *identically* configured, with the only exception currently being the of the amount of RAM,
smime.p7s
Description: S/MIME cryptographic signature