Can you please try this change:
diff --git a/etc/rc.filter_synchronize b/etc/rc.filter_synchronize
index 0a8316b..7bece74 100755
--- a/etc/rc.filter_synchronize
+++ b/etc/rc.filter_synchronize
@@ -66,7 +66,7 @@ function backup_vip_config_section() {
}
if($section['advbase'] <> "") {
$section_val = intval($section['advbase']);
- $section_val=$section_val+1;
+ $section_val=$section_val;
if($section_val > 255)
$section_val = 255;
$section['advbase'] = $section_val;
I would like to see even some statistics of your interfaces.
On Fri, Dec 10, 2010 at 7:38 PM, <st41...@st41ker.net> wrote:
> Hello,
>
> It seems like this question should be addressed to the pfSense kernel
> maintainer(s).
>
> I've two firewalls on 2.0-BETA4 with CARP enabled. Until the recent upgrade
> everything worked almost perfect.
> Now both routers got all CARP devices in MASTER state.
>
> Firewall 1:
> vip6: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
> inet 192.168.199.1 netmask 0xffffff00
> carp: MASTER vhid 6 advbase 2 advskew 100
> vip10: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
> inet 192.168.0.51 netmask 0xffffff00
> carp: MASTER vhid 10 advbase 2 advskew 100
> vip12: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
> inet 192.168.253.252 netmask 0xffffff00
> carp: MASTER vhid 12 advbase 2 advskew 100
>
> #netstat -ssp carp
> carp:
> 92555 packets received (IPv4)
> 14 discarded for bad authentication
> 92222 discarded for bad vhid
> 39869 packets sent (IPv4)
>
> Firewall 2:
> vip6: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
> inet 192.168.199.1 netmask 0xffffff00
> carp: MASTER vhid 6 advbase 1 advskew 0
> vip10: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
> inet 192.168.0.51 netmask 0xffffff00
> carp: MASTER vhid 10 advbase 1 advskew 0
> vip12: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500
> inet 192.168.253.252 netmask 0xffffff00
> carp: MASTER vhid 12 advbase 1 advskew 0
>
> #netstat -ssp carp
> carp:
> 39184 packets received (IPv4)
> 1 discarded for bad authentication
> 39074 discarded for bad vhid
> 93005 packets sent (IPv4)
>
> Here is a packet dump:
>
> #tcpdump -nvei re0_vlan5 not tcp and not udp
> tcpdump: listening on re0_vlan5, link-type EN10MB (Ethernet), capture size
> 96 bytes
> 20:28:26.227652 00:00:5e:00:01:0a > 01:00:5e:00:00:12, ethertype IPv4
> (0x0800), length 70: (tos 0x10, ttl 255, id 13532, offset 0, flags [DF],
> proto VRRP (112), length 56, bad cksum 0 (->a57a)!)
> 192.168.0.52 > 224.0.0.18: VRRPv2, Advertisement, vrid 10, prio 0,
> authtype #128, intvl 1s, length 36, addrs(7):
> 227.234.177.249,120.162.118.75,40.102.130.17,242.232.0.66,58.203.185.41,64.96.187.4,114.121.226.49
> 20:28:26.723778 00:00:5e:00:01:0a > 01:00:5e:00:00:12, ethertype IPv4
> (0x0800), length 70: (tos 0x10, ttl 255, id 13772, offset 0, flags [DF],
> proto VRRP (112), length 56)
> 192.168.0.53 > 224.0.0.18: VRRPv2, Advertisement, vrid 10, prio 100,
> authtype #128, intvl 2s, length 36, addrs(7):
> 227.234.177.249,120.162.117.92,228.194.169.203,197.128.149.181,204.97.168.247,234.48.188.234,14.68.23.250
> 20:28:27.223192 00:00:5e:00:01:0a > 01:00:5e:00:00:12, ethertype IPv4
> (0x0800), length 70: (tos 0x10, ttl 255, id 57411, offset 0, flags [DF],
> proto VRRP (112), length 56, bad cksum 0 (->fa12)!)
> 192.168.0.52 > 224.0.0.18: VRRPv2, Advertisement, vrid 10, prio 0,
> authtype #128, intvl 1s, length 36, addrs(7):
> 227.234.177.249,120.162.118.76,5.159.71.110,98.90.217.70,117.200.253.191,117.207.179.185,132.131.241.197
> 20:28:28.218741 00:00:5e:00:01:0a > 01:00:5e:00:00:12, ethertype IPv4
> (0x0800), length 70: (tos 0x10, ttl 255, id 26425, offset 0, flags [DF],
> proto VRRP (112), length 56, bad cksum 0 (->731d)!)
> 192.168.0.52 > 224.0.0.18: VRRPv2, Advertisement, vrid 10, prio 0,
> authtype #128, intvl 1s, length 36, addrs(7):
> 227.234.177.249,120.162.118.77,156.42.80.119,212.10.43.254,52.127.252.175,13.193.236.116,250.186.146.126
> 20:28:29.115843 00:00:5e:00:01:0a > 01:00:5e:00:00:12, ethertype IPv4
> (0x0800), length 70: (tos 0x10, ttl 255, id 17830, offset 0, flags [DF],
> proto VRRP (112), length 56)
> 192.168.0.53 > 224.0.0.18: VRRPv2, Advertisement, vrid 10, prio 100,
> authtype #128, intvl 2s, length 36, addrs(7):
> 227.234.177.249,120.162.117.93,134.208.204.108,14.90.209.13,71.169.61.99,222.84.234.186,206.168.118.252
> 20:28:29.214280 00:00:5e:00:01:0a > 01:00:5e:00:00:12, ethertype IPv4
> (0x0800), length 70: (tos 0x10, ttl 255, id 20580, offset 0, flags [DF],
> proto VRRP (112), length 56, bad cksum 0 (->89f2)!)
> 192.168.0.52 > 224.0.0.18: VRRPv2, Advertisement, vrid 10, prio 0,
> authtype #128, intvl 1s, length 36, addrs(7):
> 227.234.177.249,120.162.118.78,152.171.173.48,92.93.224.15,236.101.105.252,83.24.68.20,227.104.66.63
>
>
> Overall picture is the same as it was before the upgrade, except that each
> machine now ignores the carp packets.
> Did someone make changes in FreeBSD carp subsystem?
>
> --
> Thanks,
> St41ker.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: support-unsubscr...@pfsense.com
> For additional commands, e-mail: support-h...@pfsense.com
>
> Commercial support available - https://portal.pfsense.org
>
>
--
Ermal
---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
