almost half percent of packet loss when pinging the carp vip of WAN interface
-
any tips for me? thanks in advance!
ping from 1.1.1.1 to 1.1.1.100, good
ping from 1.1.1.10 to 1.1.1.100, bad
ping from 2.2.2.1 to 1.1.1.100, good
ping from 2.2.2.10 to 1.1.1.100, bad
-
-
@amoschb some findings, I changed Advertising frequency = 2, then 2 packets loss and 2 packets arrived, see below.
-
@amoschb You don't show it on your drawing - do you have an interface on both hosts dedicated to pfsync? If not, what interface(s) are you using to sync between the hosts?
Is there anything in the logs indicating if router2 is trying to take over the CARP VIP address?
Have you tried pinging other things, like router1's physical IP addresses, from router2? Do you drop packets with physical IPs, or only for the CARP IP?
-
-
no dedicated NIC for pfsync, actually there are 2 NICs for each pfsense, 1 is for WAN, 1 is for LAN (pfsync)
-
no any logs about CARP VIP taking over.
-
yes, i tried pinging from LAN to WAN, from Physical to Virtual back and forth. only PINGING CARP IP is abnormal.
-
packet captures show that multicast CARP message from pfsense master can be received on both of node.
-
-
BTW:
CARP IP on LAN interface works fine and no any issues.
The packet loss issue is only happened on CARP IP on WAN interface.
