Hi,
I've just installed 2 new appliances (no VM's) in a failover setup. Both work fine but as soon as i'm using a carp alias (on both wan and lan) the communication to the natted servers gets really slow and unusable. Manual outbound NAT makes no difference.
When just using the WAN ADDRESS on both appliances everything works great so the problem must be somewhere in CARP. Any pointers for this ?
The network has more pf/opn firewalls active, could there be some interference ? I do have quite some experience with pfsense and never saw this problem before.
CARP in virtual environments needs special setup.
Are you sure you spotted all things?
Maybe you can start your testing with real hardware?
It IS real hardware, two new Deciso 2630 boxes.
Actually i bought them because i had the same problems running opnsense in a vm and suspected that that could be the reason of the problems. But apparently it is not..
I would start looking at events in the logging, if there are no (notable) events, a packet capture helps to retrieve more insights as well.
If carp traffic isn't properly delivered to the machines, in most of the cases there are some pointers in the system log, such as flipping master/slave state or mac address issues.
Best regards,
Ad