Hi Kristo,
It's just the master that crashed, the backup can take over.
We think the panic we got by compiling with witness and invariant may be
a red herring.
We are now looking rules like
nat on $isp_if from <napts> to any -> <external_napts> sticky-address
if we replace the external_napts table with a single address rather than
a block of addresses the box does not crash.
We are following this line of investigation at the moment.
Regards
Joe Jones
On 01/03/18 09:57, Kristof Provost wrote:
On 1 Mar 2018, at 15:37, Joe Jones wrote:
yes we use pfsync. Yesterday we tried with pfsync switched off, the
box still locked up but this time without a panic.
We make the DIOCRADDADDRS ioctl on the master and the backup (we use
CARPed pairs).
Interesting. It might be related to pfsync. Is is the master that
panics or the backup? Or both?
Regards,
Kristof
_______________________________________________
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
