Just building off my last message. Answering Ryans questions first:
- Do you have dedicated addresses on the carp parent interfaces?
For sure.
- Are all the carp devices on the master firewall MASTER; what about the
backup?
Before and after the network dies, primary firewall is all MASTER,
se
At 2006-11-14 13:03:51, Chris Cameron wrote:
> I can't (easily) give direct output from things like ifconfig or pf.conf
> as they're both huge and contain information I've been told we don't
> want to send out. Hopefully this doesn't prevent anyone from helping me
> out.
If it's a problem with car
On Tue, Nov 14, 2006 at 06:03:51AM -0700, Chris Cameron wrote:
> I have a 3.8 PF/CARP setup that I can reproducibly screw up simply by
> cat'ing lots of text over a telnet session.
>
> It has several subnets, and several NICs, but only 1 subnet becomes
> unavailable. Everything else continues to w
This is while it's working. I'll repost this tonight when I'm able to
hang it.
Status: Enabled for 0 days 16:47:54 Debug: Urgent
Interface Stats for gem0 IPv4 IPv6
Bytes In 1560279475 272
Bytes Out 146494
Hi,
On 11/14/06, Chris Cameron <[EMAIL PROTECTED]> wrote:
I have a 3.8 PF/CARP setup that I can reproducibly screw up simply by
cat'ing lots of text over a telnet session.
can you post `pfctl -s info` and `pfctl -s memory`?
Best regards,
Carlos.
--
grah windows just crashed again, unstable c
On Tue, Nov 14, 2006 at 09:28:47AM -0700, Chris Cameron wrote:
> Upgrading isn't an option. I mean it is, but as soon as I say
> "Don't know, lets just upgrade", that's a major hit to something
> that was tough to get in in the first place. This will be a
> Firewall-1 shop again quite quickly and a
In article <[EMAIL PROTECTED]>, Chris Cameron wrote:
>
> I have a 3.8 PF/CARP setup that I can reproducibly screw up simply by
> cat'ing lots of text over a telnet session.
Chances are that you're hitting some bug in 3.8, that has likely been
fixed in 3.9, or 4.0. Or the rule you're using to p
I have a 3.8 PF/CARP setup that I can reproducibly screw up simply by
cat'ing lots of text over a telnet session.
It has several subnets, and several NICs, but only 1 subnet becomes
unavailable. Everything else continues to work. There are no errors in
messages, daemon, with PF debug set to misc.
On Tue, 2006-11-14 at 15:59 +, Tobias Weingartner wrote:
> In article <[EMAIL PROTECTED]>, Chris Cameron wrote:
> >
> > I have a 3.8 PF/CARP setup that I can reproducibly screw up simply by
> > cat'ing lots of text over a telnet session.
>
> Chances are that you're hitting some bug in 3.8,
9 matches
Mail list logo
