Date: Tue, 6 Feb 2007 13:51:55 -0800 From: "Kian Mohageri" <kian.mohageri@gmail.com> To: "Michael K. Smith - Adhost" <mksmith@adhost.com> Cc: freebsd-pf@freebsd.org Subject: Re: PFSync Not Working Correctly Message-ID: <fee88ee40702061351t2866b687g58d16131ad2a90bd@mail.gmail.com> In-Reply-To: <17838240D9A5544AAA5FF95F8D52031601A8BD24@ad-exh01.adhost.lan> References: <17838240D9A5544AAA5FF95F8D52031601A8BD24@ad-exh01.adhost.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2/6/07, Michael K. Smith - Adhost <mksmith@adhost.com> wrote: > > Hello All: > > I have two 6.2 RELEASE servers working in failover mode as PF Load > Balancers. When the MASTER box is failed (through reboot or interface > shutdown, etc.) the BACKUP box becomes MASTER as expected, but > connections that existed through the MASTER before the failover do not > transfer as expected to the new MASTER. New connections work > immediately. > > When I issue a 'pfctl -vvss' the established connection shows up > correctly in the state tables on both machines, so I would expect the > established connection to work immediately upon failover. > > If anyone has any insights I'd be grateful. I can also post any > relevent output or config snippets if someone thinks they would help. Increase pf verbosity, and also tcpdump -i pflog0 (you do block log, right?) on your new MASTER when connections are failing. That will tell you if there is a state mismatch going on when connections fail over. You first want to make sure the mid-connection packets are even reaching the new master. -- Kian Mohageri
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?fee88ee40702061351t2866b687g58d16131ad2a90bd>