I have setup a pair of firewalls using three public IPs all within a /24 subnet. This is the same setup as shown in the docs just with different IPs. https://docs.opnsense.org/_images/900px-Carp_setup_example.png.
The problem is the backup firewall (doesn't matter which one) has severe packet loss (40-80%). The primary firewall always works fine when using the VIP.
For example in the diagram above if I ping 8.8.8.8 or any other site from the backup firewall using 172.18.0.102 I get packet loss. If I failover then I get packet loss when pinging from 172.18.0.101.
I haven't got any NAT rules other than for the VIP.
Any idea what could be causing this or what I can check to debug the issue? Thanks
Check the CAM tables of your switches, most likely there is some MAC address learning issue at play.
Follow the troubleshooting guide:
https://docs.opnsense.org/manual/how-tos/carp.html#troubleshooting