On Fri, Mar 17, 2006 at 07:59:35PM +0100, Henning Brauer wrote:
> * Steven S <[EMAIL PROTECTED]> [2006-03-17 19:10]:
> > beginning to think it might be a component of the number of carp interfaces
>
> unlikely.
> <[EMAIL PROTECTED]> $ ifconfig | grep '^carp' | wc -l
> 15
> and growing.
> and yes, that is real-world production use.
I would agree that number of carp interfaces doesn't matter:
# ifconfig |grep ^carp |wc -l
23
This is real-world also, with many of the carp interfaces layered on top
of VLANs. Intel dual GE cards.
Have you checked:
- carp settings in sysctl?
- carp pass rules (and ordering) in pf.conf (if you have default deny)?
- that you have advskew set "right" on the backup firewall?
# grep carp /etc/sysctl.conf
net.inet.carp.allow=1 # allow incoming CARP packets
net.inet.carp.preempt=1 # failover all CARP interfaces if one fails
# grep carp /etc/pf.conf
pass quick on $ext_ints proto carp keep state
pass on $int_phys proto carp keep state
pass on $int_vlan proto carp keep state
# cat /etc/hostname.carp1
vhid 1 advskew 100 pass XXXX
inet XXX 0xffffff00
--
adam
