We have several interfaces in CARP.
If we ping the VIP address from one of them (no VLAN)
I get sporadic a DUP! and I can see that the slave, which is in backup mode, get the request and replies.
Not on every request, only sometimes.
We already cleared the arp cache of the involved switches.
As you can see, both opnsense send a reply:
17:19:32.363137 1c:c1:de:06:46:a2 > a4:bf:01:16:b1:db, ethertype IPv4 (0x0800), length 98: 192.168.254.248 > 192.168.254.167: ICMP echo reply, id 3595
64
17:19:32.363335 1c:c1:de:06:38:42 > a4:bf:01:16:b1:db, ethertype IPv4 (0x0800), length 98: 192.168.254.248 > 192.168.254.167: ICMP echo reply, id 3595
64
But this happens only on the interface without VLAN and on an other interface.
And only when we ping from a server which has also an interface in the same network.
In dmesg I can not see any change of the CARP mode, so it is not 'flipping'.
We are running out of ideas.
Any other idea?
Are you mixing tagged and untagged VLANs on the same OpnSense interface by any chance?
We have some hints here:
https://docs.opnsense.org/manual/how-tos/carp.html#known-limitations
Last two times I saw dups with pings in customer support was firmware bug in a switch that caused the CAM table to misbehave, and the other time it was switches that were not stacked (even though they should have been)
Most of the time its the switch being weird.
Specifically read this:
https://docs.opnsense.org/manual/how-tos/carp.html#stacking