Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Slave can't reach hosts on "some" LAN

    Scheduled Pinned Locked Moved HA/CARP/VIPs
    2 Posts 1 Posters 850 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      siberian
      last edited by

      Hi,
      I've a standard (I think) HA configuration.
      There are several VLAN and one WAN link. pfSense is the default gw for every VLAN, and everything works pretty well: syncing, nat, load balancing, fail over… I've also done several upgrades from 2.2.1 to 2.2.6, always without any problem.

      But there's one thing I can't solve: the slave is unable to reach any host on some VLAN, for example:

      VLAN 981: the slave reaches (ping, telnet…) every host on the VLAN
      igb1_vlan981: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500
      ether 9c:b6:54:8f:2f:4d
      inet6 fe80::9eb6:54ff:fe8f:2f4d%igb1_vlan981 prefixlen 64 scopeid 0xd
      inet 172.31.98.13 netmask 0xfffffff0 broadcast 172.31.98.15
      inet 172.31.98.14 netmask 0xfffffff0 broadcast 172.31.98.15 vhid 5
      nd6 options=21 <performnud,auto_linklocal>media: Ethernet autoselect (1000baseT <full-duplex>)
      status: active
      vlan: 981 vlanpcp: 0 parent interface: igb1
      carp: BACKUP vhid 5 advbase 1 advskew 100

      VLAN 20: the slave is unable to reach any host (just its own ip):
      igb1_vlan20: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500
      ether 9c:b6:54:8f:2f:4d
      inet6 fe80::9eb6:54ff:fe8f:2f4d%igb1_vlan20 prefixlen 64 scopeid 0xa
      inet 172.16.31.102 netmask 0xffffff00 broadcast 172.16.31.255
      inet 172.16.31.254 netmask 0xffffff00 broadcast 172.16.31.255 vhid 1
      nd6 options=21 <performnud,auto_linklocal>media: Ethernet autoselect (1000baseT <full-duplex>)
      status: active
      vlan: 20 vlanpcp: 0 parent interface: igb1
      carp: BACKUP vhid 1 advbase 1 advskew 100

      As soon as I disable CARP on the master, the slave starts to work perfectly.
      As a consequence, when the slave is not active, it reports some load balancer pools and some static routes through the VLAN always down.
      Is it normal that I see the CARP ip also on the slave for every interface?
      And what I described is an expected behavior or is there anything I can check or try to solve the issue?

      Thank you.</full-duplex></performnud,auto_linklocal></up,broadcast,running,promisc,simplex,multicast></full-duplex></performnud,auto_linklocal></up,broadcast,running,promisc,simplex,multicast>

      1 Reply Last reply Reply Quote 0
      • S
        siberian
        last edited by

        Hi everybody,
        I've just upgraded to pfSense 2.3, but I still have the same issue.
        Any idea?
        Thank you again.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.