Losing packets when using VIP

  • I have problem that I've worked on all day. I would like to ask for help from the super heroes out there…

    I'm trying to setup 1:1 mapping to where I can pass a real world IP thru pfsense and to an end user. I followed instructions for setting up 1:1 as found here in the forum. I setup the real world IP as a VIP first w/CARP, then the 1:1 rule, then a rule to pass everything to the private LAN IP address of the end user. When I do this, I lose 4 out of every 10 packets to that end user. I can take the VIP, 1:1 and rule out and the packets flow just fine to and from the end user.

    I tested this by pinging from the end user's PC to our border router. And from another PC on a real-world IP into our border router thru pfsense to the end user's computer. Same results in dropping packets. I also plugged in a Vonage phone adapter in place of the end user's PC and I lose every other word while speaking to someone.

    Any ideas? Thank you for helping!


  • I guess noone understands your post.
    How can you still access (measure the pings) if you remove the VIP and NAT rule? If you remove those then you cannot access the user behind in LAN from internet, so you cannot measure it.

