I still wonder what should cause the destruction of the config.xml. Keep an eye on it. There might be something else going on which is unrelated to the other error.

@wizard:

That could be the answer to my problem i will give it a try soon. Thanks a lot for your help.

Make sure you don't have asymmetric routing.  You'll need two carp addresses on the INSIDE also with each group of servers using it's respective carp IP as it's return gateway.  While pfSense will sync it's state table, it's not instantaneous and I can guarantee issues with out of state packets.

–Bill

Without having any more data the only thing that I can suggest is making sure you are on the latest testing snapshot:

http://www.pfsense.com/~sullrich/RELENG_1_SNAPSHOT_04-12-2006/

Thats most likely my fault as I added the Sync code. :)

Could we simply HUP slbd on filter reload?

Thanks for all your support guys. I'll stick to my proposed solution which i'm happy to use. I am very impressed by pfSense, and it's my absolute prefered firewall, and i have tested a few. Thank you very much.

//Eskild

@sullrich:

Yes, go ahead and email me the information.

You got mail… :)

/jan

Finally… after testing on three motherboard, I can do ping and port forwarding from external to internal machine.
The main problem is in the default gateway of the internal machine. I forgot to add additional gw in the server routing table.  ;D ;D ;D

I will switch to pfSense immediately... thanks guys... ;) ;) ;)

You can do what you want with it.  The point is to not ask for help when doing things beyond the scope of what we offer support for.

The Bad Gateway messages are cosmetic and they should be there no matter which IP you are using. They appear always when a CARP IP is brought up.

Wouldn't this be the same problem you run into when you try to impose CARP on a set of bridged interfaces?  Basically the deal is that CARP and proxyarp (or bridging) don't play nicely together.

@kikawala:

I did not try 0.94.10, but I did not have any problems with 0.94.12

Known problem, colin is working on configuration sync.