4. Very Slow Routes via CARP

Very Slow Routes via CARP

  • T

    Currently using pFsense 1.2 based on 6.3 BSD and SMP kernel.

    The Setup:

    2 x pF boxes

    vIP-1 = CARP = WAN = 69.65.x.x
    vIP-2 = CARP = LAN = 10.1.0.1

    pF1 :
    em0 = op2 = not enabled
    em1 = CARPSYNC = 192.168.1.2/24
    em2 = WAN = 69.65.x.x2
    em3 = LAN = 10.1.0.2/8

    pF2 :
    em0 = op2 = not enabled
    em1 = CARPSYNC = 192.168.1.3/24
    em2 = WAN = 69.65.x.x3
    em3 = LAN = 10.1.0.3/8

    Virtual Server Pool:
    69.65.x.x w/ Pool 1 being the target

    Pool 1:
    <– 10.1.1.10 thru .21 w/ Failover to 10.1.1.1 -->

    Sticky connections : Turned Off (sticky connections in our case would actually slow us down)

    The Question:

    Why when accessing 69.65.x.x (inbound) or accessing 10.1.0.1 (outbound) is the initial connection lagging beyond practicality?

    When doing a ping, I get an immediate response from 10.1.0.2 as the gateway vs using 10.1.0.1 (the CARP-vIP) which takes about 20 seconds to make it's initial response then pauses intermittently then quickly dumps responses as if it was buffering them up then dumping them to your console.

    What I find most disturbing is this is all the while our cluster (that needs the load balancing) isn't getting hammered.  This happens during my one internal single connection.

    Any help and/or suggestions would be appreciated as this was supposed to be a live project on Monday.

    Cheers..!

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy