loosing pings on VIP

  • We have 2 pfsense boxes and 2 ISP. For each ISP we have created a VIP. This has been working for years. A week ago we started loosing packets on one of VIPs. Pinging from outside gives approx 40% of losses. While pinging from inside or on physical address of interfaces attached to ISP line, we have no problems. ISP stated that their devices are working correctly.
    We'have bypassed the switch and attached the firewall NIC directly to ISP's device. Result is the same.
    The other VIP - with an other ISP is working right.
    Any ideas what else to check?

    TIA Michal

  • [Solved]
    Well, it appeared that VHID assigned to the VIP wasn't unique in the network segment. After changing it to a different number we have full connectivity. We only don't know (yet) where was the conflicting VHID introduced.

  • LAYER 8 Netgate

    Packet capture for it.

  • I captured on all interfaces (not only the one connected to ISP) and both firewalls. Only my firewalls advertised VHIDs. Could not spot any foreign MACs...
    Moreover beside VHID=3, also 5 caused the same issue.

Log in to reply