Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DUP! - CARP with Virtual-IP and single firewall for NAT

    Scheduled Pinned Locked Moved HA/CARP/VIPs
    1 Posts 1 Posters 414 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      seitle
      last edited by seitle

      Hello

      I have the following setup:
      ONE pfSense with a Public Subnet and Hybrid Outbound NAT

      For example:

      WAN: ..*.42 NAT for everything (else)
      LAN1: 192.168.1.0/24
      LAN2: 192.168.248.0/24 (which is NATed different)

      CARP: ..*.248 NAT for 192.168.248.0/24

      I also created rules at the WAN interface to allow ping to WAN-address and CARP-address.

      Now something strange happens. If i ping the WAN-address everything works fine.
      If i ping the CARP address from the internet i get a "DUP!" as an answer.

      I looked at the capture and noticed something: Destination is "IETF-VRRP-VRID_f8 (00:00:5e:00:01:f8)" but the source for the reply is always the MAC-address for .42!

      I also noticed 2 ping-requests in my capture and i think, something is very wrong in my setup. But i think that is because of the strange reply from the pfsense.

      To make that clear. I wanted to have different mac-addresses for every virtual IP, therefore i am using CARP with only one firewall.

      What could be the problem?

      Thank you.

      EDIT: Just rebooted the firewall. Now the DUP! messages are gone. But where could the problem be?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.