Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Failover traffic

    HA/CARP/VIPs
    1
    1
    598
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      Cornelp
      last edited by

      Hello, we have 2 PfSense firewalls (2.3) running on VMs, each VM is on a different VMHost and each VMHost is connected to the same switchstack. We have all interfaces setup with CARP and we’re syncing states.

      We switched traffic to FW2 by using CARP Maintenance mode on FW1 - and then switched back to FW1 by taking it out of CARP Maintenance mode - and everything looked ok until we realized that traffic was going through both firewalls.  We could see this via tcpdump and by looking at the states tables on both - for some systems, the traffic is going through both firewalls.

      How could this happen, is there anything else we need to do when using the Status / CARP tab to flip traffic?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.