[Bug 213282] FreeBSD 10.2 / Carp / PfSync
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Fri Oct 7 17:48:11 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=213282
Bug ID: 213282
Summary: FreeBSD 10.2 / Carp / PfSync
Product: Base System
Version: 10.2-STABLE
Hardware: Any
OS: Any
Status: New
Severity: Affects Many People
Priority: ---
Component: kern
Assignee: freebsd-bugs at FreeBSD.org
Reporter: JeanAumont at gmail.com
Hi,
I have a 2 FreeBSD 10.2 firewall in a MASTER / BACKUP configuration with around
20 interfaces.
All the interfaces on the MASTER have an ADVBASE of 2 and a ADVSKEW of 90.
All the interfaces on the BACKUP have an ADVBASE of 2 and a ADVSKEW of 100.
Carp preempt is enabled on both firewall.
There is a lot of traffic passing on those firewall, around 80000 connections.
Our MASTER firewall crash (due to a bad disk controller firmware).
The BACKUP firewall became the MASTER, and no traffic was lost.
But when the firewall that crash rebooted, it became the MASTER again, and this
is when we lost some connections.
Is there a SYNC of the PF table between the firewall before a firewall became
MASTER again?
By looking at the carp code rapidly, I did not see any thing regarding this
situation.
Thanks,
Jean Aumont
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list