No Internet after failover

  • Hi,
    My master pfSense box went down and all the traffic switched to my backup box properly (thanks to CARP), except for one big issue!
    There was no outgoing traffic to the internet.
    I also checked my outbound NAT rule on the backup box. The rule was set to pass outbound traffic through the WAN CARP VIP. (This IP is used for both boxes.)
    Another note is that we are connected to the upstream router without any NAT rules.
    BTW, my DNS and mask settings (on both boxes) are correct.
    How can I find the problem?

  • LAYER 8 Netgate

    Can the secondary router even ping outbound when it is CARP MASTER? Select the CARP VIP in Diagnostics > Ping and see.

    Are the inside clients configured to use the inside CARP VIP as their default gateway, DNS servers, etc?

  • Thanks Derelict for your reply.
    For your questions: yes.
    For ping:
    We have 2 gateways (let's say x and y) on the upstream router for accessing outside (of course I've configured the CARP VIP to reach them), but the problem is that I can't ping one of them (y) on the slave node, and unfortunately the traffic will route through that one (y), because in System -> Routing the default gw I set is x, but the traffic will never pass through it!

  • LAYER 8 Netgate

    Then you have to figure out why that is.

    Perhaps upstream has a problem with the CARP MAC address moving from one port to the other, which is necessary for proper operation and is what any layer 2 device should do.

  • OK,
    I will reconfigure the gateway settings on the backup node and hope to see if any changes are made.

  • [solved]
    The problem was strangely solved by reconfiguring the System -> Routing values.
    Also, I changed the default gw to Automatic (I doubt if this has been effective!)
