p state
>
> all icmp 172.16.1.10:8707 <- 192.168.10.3:8707 0:0
> root@fw:~ #
>
>
>
>
> --
> Victor Sudakov, VAS4-RIPE, VAS47-RIPN
> 2:5005/49@fidonet http://vas.tomsk.ru/
>
> Attachments:
> * signature.asc
--
—
Dave Cottlehuber
On Thu, 14 Sep 2017, at 23:32, Kristof Provost wrote:
> On 14 Sep 2017, at 16:21, Dave Cottlehuber wrote:
> > Outgoing traffic (from a jail) via PF NAT over a LAGG/LACP sometimes
> > has the *backup* CARP IP address assigned to it.
> >
> I think this is your problem. You
Hi,
Outgoing traffic (from a jail) via PF NAT over a LAGG/LACP sometimes has
the *backup* CARP IP address assigned to it.
Obivously as this IP is only active on the "other" server, the return
TCP connection traffic never actually gets back to our CARP master, and
the other server sees spurious TC
