"
I've read through the forums, and although I've seen similar issues, none quite matches what I'm experiencing. I'm really at a loss to explain this behavior.
I've got a cluster that has 2 10G Intel (ix) interfaces, with various vlans on them. I'm actually only seeing issues on ONE of the vlans on ONE of the interfaces, all of the other vlans on both interfaces work as expected. Needless to say this is causing issues with CARP.
Brief description:
On the ix0_vlanX interface, the firewalls cannot seem to ping each other. On the other (ix0_vlanY), ping works fine, each firewall can ping the other, and their shared CARP address. I say seem because on the "broken" vlan interface I can see the request and reply packets, with tcpdump, but for some reason ping reports 100% packet loss. From a different device on the same vlan(s), I can ping both firewalls and their shared CARP address.
igmp snooping is off on the switchports
only tagged vlans are on the switch ports (the ix0 interface has no address)
I'd be happy for any input as to what might be amiss, because I'm out of ideas at this point.
I've got a cluster that has 2 10G Intel (ix) interfaces, with various vlans on them. I'm actually only seeing issues on ONE of the vlans on ONE of the interfaces, all of the other vlans on both interfaces work as expected. Needless to say this is causing issues with CARP.
Brief description:
On the ix0_vlanX interface, the firewalls cannot seem to ping each other. On the other (ix0_vlanY), ping works fine, each firewall can ping the other, and their shared CARP address. I say seem because on the "broken" vlan interface I can see the request and reply packets, with tcpdump, but for some reason ping reports 100% packet loss. From a different device on the same vlan(s), I can ping both firewalls and their shared CARP address.
igmp snooping is off on the switchports
only tagged vlans are on the switch ports (the ix0 interface has no address)
I'd be happy for any input as to what might be amiss, because I'm out of ideas at this point.
