DUP! - CARP with Virtual-IP and single firewall for NAT
I have the following setup:
ONE pfSense with a Public Subnet and Hybrid Outbound NAT
WAN: ..*.42 NAT for everything (else)
LAN2: 192.168.248.0/24 (which is NATed different)
CARP: ..*.248 NAT for 192.168.248.0/24
I also created rules at the WAN interface to allow ping to WAN-address and CARP-address.
Now something strange happens. If i ping the WAN-address everything works fine.
If i ping the CARP address from the internet i get a "DUP!" as an answer.
I looked at the capture and noticed something: Destination is "IETF-VRRP-VRID_f8 (00:00:5e:00:01:f8)" but the source for the reply is always the MAC-address for .42!
I also noticed 2 ping-requests in my capture and i think, something is very wrong in my setup. But i think that is because of the strange reply from the pfsense.
To make that clear. I wanted to have different mac-addresses for every virtual IP, therefore i am using CARP with only one firewall.
What could be the problem?
EDIT: Just rebooted the firewall. Now the DUP! messages are gone. But where could the problem be?