pfsync / 6-CURRENT-amd64
Scott Ullrich
sullrich at gmail.com
Sun Jun 26 02:11:32 GMT 2005
On 6/25/05, Sascha Luck <lists at c4inet.net> wrote:
> Hi,
>
> I've built a redundant firewall setup with pf / CARP / pfsync on
> CURRENT. pf and CARP are working well, the traffic fails over
> without problems.
> pfsyc, however, seems not to work at all. There is no traffic on
> the sync interface, the states are (obviously) not being synced.
>
> The NICs are all Intel 1000MT dual-port cards (btw, I can confirm
> that fail-over on VLAN interfaces on em NICs does work on CURRENT)
>
> CURRENT kernel versions:
> FreeBSD 6.0-CURRENT #0: Sun Jun 26 02:10:42 IST 2005
>
> pf, pflog and pfsync are built into the kernel. both pfsync
> interfaces are up and connected to the syncif, they are connected
> by xover cable:
>
> cwi010# ifconfig pfsync0
> pfsync0: flags=41<UP,RUNNING> mtu 1348
> pfsync: syncdev: em5 maxupd: 128
>
> em5: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> options=4b<RXCSUM,TXCSUM,VLAN_MTU,POLLING>
> inet 10.10.255.2 netmask 0xffffff00 broadcast 10.10.255.255
> inet6 fe80::211:43ff:fee5:8377%em5 prefixlen 64 scopeid 0x6
> ether 00:11:43:e5:83:77
> media: Ethernet autoselect (1000baseTX <full-duplex>)
> status: active
>
> Has anyone seen similar effects? Is this connected to the network
> interface changes as of Jun 9?
For what it's worth we are also seeing this same problem on pfSense
with from what I can tell is all NICS. Let me know if you need any
more information. It seems to have broken around the 10th.
Regards,
Scott
More information about the freebsd-pf
mailing list