From owner-freebsd-questions@FreeBSD.ORG Sun Apr 20 06:58:15 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 01AFB106566B for ; Sun, 20 Apr 2008 06:58:15 +0000 (UTC) (envelope-from loloski@gmail.com) Received: from rv-out-0506.google.com (rv-out-0506.google.com [209.85.198.227]) by mx1.freebsd.org (Postfix) with ESMTP id CF8338FC1D for ; Sun, 20 Apr 2008 06:58:14 +0000 (UTC) (envelope-from loloski@gmail.com) Received: by rv-out-0506.google.com with SMTP id b25so857280rvf.43 for ; Sat, 19 Apr 2008 23:58:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; bh=ZR02eQyNn4s5be6uWzksRM+/d/hTvVWyarxAye5w4vw=; b=vhbUSIGGeM5gxmeDdqn1w7VJxolK7QjC/B1SWyfEOwV1uuR3yHy7jrBhq86eL7a25Xqo2shQ3nSyZew0Xr11Yegxiq9+yyWFvjadCPWhCVrEoXLo7s7fJTKs6IwFDBS9m8KfhM4t4whgKqeuqOxA2StR13NTsTiXlb07NuzdfUc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=M0G7/o72RSHoAjq590SbdEPTzT5K6RomCD39VzAcSq6XxQX9eaUs2gVA8wAn1nMh8i/llvHSogRbl8WGiugMbMiG/kc6q3af35Ouk+wpnYlfYuac41OsStIw6UTgP6lMJvz6ivYvgagw39/jpfXW0IDNVvMJbLeeQAaeKKMqCqw= Received: by 10.141.141.3 with SMTP id t3mr2557855rvn.52.1208673217761; Sat, 19 Apr 2008 23:33:37 -0700 (PDT) Received: by 10.141.3.13 with HTTP; Sat, 19 Apr 2008 23:33:37 -0700 (PDT) Message-ID: Date: Sun, 20 Apr 2008 14:33:37 +0800 From: "Ronald Chan" To: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: carp + pfsync + pf X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Apr 2008 06:58:15 -0000 List, Hi! Good day, my first post to this lists, was unreadable due to or possibly a yahoo bug, well here it goes, i have been task to setup a redundant firewall. Setting up carp + pfsync was a breeze even though carpdev option was not present as of this time to freebsd. My preliminary test shows that through simulation (yanking the cable and so on), the secondary firewall successfully takeover the primary and the firewall state is sync via crossover cable on both machine. pfctl -s s show both machine have a common state but the problem is the connection dies unexpectedly on the client side during simulation. note: On OpenBSD the same setup and configuration is made and its working perfectly without a hitch though it's a different machine. can someone please shed some light about this? Thanks in adavnce to all Best regards, Ronald Chan