Hi, I have used pfSense in a single-node configuration for a few years now in the company where I work, and I've pushed a lot to use it in a CARP configuration as the main firewall. I've been working to deploy a 2-node cluster running on VMware, and it's been working flawlessly for a month now, while transferring service publishing onto it. The setup is 2 WAN, 2 LAN and a pfsync interface. It is also running squid as a reverse proxy and an OpenVPN server for client access. The 2 LANs each have a CARP IP used as gateway on some machines. One of the WANs is currently disconnected. The other WAN has a bunch of CARP VIPs: the first one is used for outbound NAT, the others for various services on the pfSense itself and other machines.

Today, while configuring a GRE tunnel (also creating outbound NAT rules and adding a CARP VIP for that purpose), the first WAN CARP VIP stopped working. No trace of it in the CARP status (no MASTER/MASTER) and nothing in the logs, except for the fact that the machines on the LAN using that VIP as outbound NAT lost internet access. Everything else was working normally. I could ping each other primary IP on every interface. The proxy and VPN were also running normally. While that was happening, I panicked and forgot to run a packet capture, so I only have syslog and firewall logs. After about half an hour of trying various things I brought it back up by opening that VIP config and hitting save. I got the mail notification for the CARP status change, and everything was normal. While trying to figure out what happened I found that a similar thing happened earlier in the morning, but only for a few minutes.

One thing to note is that in the past a weird ARP problem occurred, where our ISP's router suddenly stopped communicating with some random IPs on the WAN side. I've searched the forum and found some threads but nothing conclusive, and some about some problem I already ran into on the test environment.

In what direction should I start to look? Might there be some incompatibility with the network hardware between the two nodes or the ISP's? Or is it more likely something on pfSense? I'd like to hear some ideas on what to look into now, and what to do to analyze the situation while this happens if it ever happens again.

Thanks,
spiorf
