Backup carp member cannot ping from a WAN interface -gateway is showing as down



  • I cannot ping from 1 of my wan interfaces when using the ping tool in the GUI on my backup CARP member. Hence on my backup member it shows that the gateway is down for this interface. The primary member is working OK and displays no gateway error. If I shut down my primary member the backup member becomes master on all interfaces and lan devices can route traffic via the problem wan interface, however the gateway still displays as offline. I can then turn the primary CARP member back on and it becomes the master again and all routing still works. If I do a packet capture on the problem interface I can see a reply request to the gateway but no reply. I cannot ping any WAN subnet device on the backup CARP member. I have a 2nd WAN interface which works good for both master and backup members. Its gateway is online for both servers. Im running 2.0.1 Release on both servers. They run on different esx 4.1 servers.



  • Sounds like the IP you have on WAN of the secondary isn't valid or has some kind of problem like an IP conflict.



  • The Static IPs I'm using are; master 10.10.8.2/24, backup 10.10.8.3/24, CARP 10.10.8.1/24, and GW 10.10.8.254. I cannot see anything else using 10.10.8.3 on that subnet, there is only 3 devices, the gateway,and 2 pfsense servers. I have tried putting a test laptop on with 10.10.8.22/24 and I can only ping from primary server and GW. It is strange that when I failover that LAN clients can still route traffic via this interface.



  • Reinstalled pfsense 2.0.1 and retored config from backup and all works again, thanks for the post cmb.


Log in to reply