High availability / Public WAN VIP (CARP) Broadcast Flood
« on: May 05, 2024, 12:24:16 am »
Hey,
Running two identical bare-metal OPNsenses. HA works on LAN as expected. I have an IP range from my provider (Vodafone), but have to route the traffic from the modem to the OPNsense WAN interfaces via VLAN on UniFi switches.
If I set up a CARP VIP on the WAN interface, the setup seems to work. Outbound NAT works too. After a while (some hours) the WAN interfaces receive and send a lot of broadcast traffic, which knocks out both OPNsenses.
EDIT: Reporting/Insights shows bootps (UDP) broadcasts. I don't know at this point if it is a provider or VLAN issue.