OPNsense Forum
Archive => 22.7 Legacy Series => Topic started by: Dankau on January 30, 2023, 01:17:30 pm
-
Hello,
we are running OPNsense in a HA-cluster, virtualiced under Proxmox VE. Our master and backup each have a configured ip-address on their interfaces, because we are using the dhcp function. The VIPs on all of our interfaces are gateway ip adresses.
After checking our routes and traffic we saw that we are getting a lot of ARP-requests from our DHCP-server.
Because of that we have some performance issues.
It is literally an ARP broadcast storm. Around 30% of our packages are ARP-requests from our master maschine.
Another problem should be that while doing a tracert into the internet our master maschine answers the first hop instead of the gateway address.
After looking through some threads here and on the proxmox site i think it has something to do with the MAC spoofing, but i am not sure if it really has something to do with it.
I know for a fact that on ESXi and Hyper-V you need to allow MAC address spoofing / MAC changes. But for Proxmox the option for MAC Filter is located under the firewall.
So here is my question. Do i need to enable the MAC Filter under Proxmox to solve our problems with CARP or is there another way to solve them?
Greetings