On 2014-05-15, Waldemar Brodkorb wrote:
> Hi OpenBSD hackers,
>
> At work we have a firewall on two Dell PowerEdge 2940 servers, with
> 10 NIC's in use, which I want to substiute in the near future.
> The second machine act as cold standby.
>
> I would like to use OpenBSD pf and carp/pfsync to mak
Hi,
Adam Thompson wrote,
> At work we have a firewall on two Dell PowerEdge 2940 servers, with
> 10 NIC's in use, which I want to substiute in the near future.
> The second machine act as cold standby.
>
> Err... 10 NICs and Reduce Power & Heat don't usually belong together in the
> s
On May 15, 2014 2:29:00 AM EDT, Waldemar Brodkorb
wrote:
>Hi OpenBSD hackers,
>
>At work we have a firewall on two Dell PowerEdge 2940 servers, with
>10 NIC's in use, which I want to substiute in the near future.
>The second machine act as cold standby.
>
>I would like to use OpenBSD pf and carp/
I activated ntp at installation time. The time on the two box are
perfectly aligned.
I think the problem should be related to pfsync code.
Indeed disabling pfsync I reduced the log messages by a factor of 30.
Now I have only some BAD state (2-3 in a minutes).
Moreover, with pfsync enabled the u
I used to get similar errors with dhcpd, and noticed the clock was
about 18 hours off.
Setting the time and turning on ntpd seemed to fix that issue.
--Bryan
On 6/27/05, Paolo Perrucci <[EMAIL PROTECTED]> wrote:
> Till now the firewalls seems to be stable. No panic for now. It seems
> the first s
Till now the firewalls seems to be stable. No panic for now. It seems
the first small step was in the right direction...
Thank you Rogier.
Now my last problem regards the pf weird logs. I have two type of
strange logs:
1)
Jun 27 15:51:09 ip-11-53 /bsd: pfsync: ignoring stale update (4) id:
4
Activating pf debug (set debug urgent=misc) I saw in the master fw a lot
of messages like this (10/sec)
Jun 24 13:38:32 ip-11-52 /bsd: pfsync: ignoring stale update (3) id:
42bae8be000a3882 creatorid: 21b58ce2
Jun 24 13:38:32 ip-11-52 /bsd: pf: state insert failed: tree_lan_ext
lan: 62.94.11.4
Ok, I replaced syncif with syncdev on both fws.
Waiting for the next panic...
Thanks
Paolo
Rogier Krieger ha scritto:
On 6/24/05, Paolo Perrucci <[EMAIL PROTECTED]> wrote:
hostname.pfsync0: up syncif rl0
To start with small steps: how about replacing syncif with syncdev for
the hostname.p
On 6/24/05, Paolo Perrucci <[EMAIL PROTECTED]> wrote:
> hostname.pfsync0: up syncif rl0
To start with small steps: how about replacing syncif with syncdev for
the hostname.pfsync0 files? IIRC, syncif is deprecated as of 3.7. For
more info, see ifconfig(8).
Cheers,
Rogier
--
If you don't know w
Hi all,
following there are others usefull infos about my configuration.
I hope these helps to debug the issue.
Paolo
=== Architecture
xl0WAN xl0
| |
| |
|-| rl0|-|
| FW1 || FW2 |
|-|r
I configured the two firewalls as the basic example described here:
http://www.countersiege.com/doc/pfsync-carp/
I already reported a similar bug
(http://thread.gmane.org/gmane.os.openbsd.misc/83948) but until now I
didn't received any reply.
Before report another bug I would like to know if s
On 6/23/05, Paolo Perrucci <[EMAIL PROTECTED]> wrote:
> Hi all,
>
> I'm trying to setup an ha firewall using carp and pfsync.
> I tried 3.6 and 3.7 version but both test fails with different kernel panic.
>
> In my last attempt I used the 3.7 version (-stable) on both the firewall
> but after som
12 matches
Mail list logo
