Yes, now it work without problem.
Thankyou.
@xmillies, for me you can set this thread as resolved.
Thankyou.
@xmillies, for me you can set this thread as resolved.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Show posts Menu***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 23.10 at Mon Apr 15 13:09:55 UTC 2024
Fetching subscription information, please wait... done
Fetching changelog information, please wait... done
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: . done
Processing entries: .......... done
OPNsense repository update completed. 873 packages processed.
All repositories are up to date.
Updating database digests format: .......... done
New version of pkg detected; it needs to be installed first.
The following 1 package(s) will be affected (of 0 checked):
Installed packages to be UPGRADED:
pkg: 1.19.2 -> 1.19.2_1
Number of packages to be upgraded: 1
4 MiB to be downloaded.
[1/1] Fetching pkg-1.19.2_1.pkg: .......... done
Checking integrity... done (0 conflicting)
[1/1] Upgrading pkg from 1.19.2 to 1.19.2_1...
[1/1] Extracting pkg-1.19.2_1: .......... done
Checking integrity... done (0 conflicting)
Your packages are up to date.
Checking for upgrades (145 candidates): .......... done
Processing candidates (145 candidates): ....... done
The following 95 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
libpfctl: 0.8
openssl111: 1.1.1w
py39-pyasn1: 0.5.0
py39-pyasn1-modules: 0.3.0
py39-service-identity: 23.1.0
py39-typing-extensions: 4.9.0
squid-langpack: 7.0.0.20230225
Installed packages to be UPGRADED:
beep: 1.0_1 -> 1.0_2
choparp: 20150613 -> 20150613_1
curl: 8.3.0 -> 8.6.0
cyrus-sasl: 2.1.28 -> 2.1.28_1
easy-rsa: 3.1.6 -> 3.1.7
gettext-runtime: 0.22_1 -> 0.22.3
glib: 2.78.0,2 -> 2.78.3,2
ivykis: 0.42.4 -> 0.42.4_1
libfido2: 1.13.0 -> 1.14.0
libnet: 1.2,1 -> 1.3,1
libnghttp2: 1.56.0 -> 1.58.0
libpsl: 0.21.2_3 -> 0.21.2_4
libxml2: 2.10.4_1 -> 2.10.4_2
lighttpd: 1.4.71 -> 1.4.73
mpd5: 5.9_16 -> 5.9_17
nss: 3.93 -> 3.95
oniguruma: 6.9.8_1 -> 6.9.9
openssh-portable: 9.3.p2_1,1 -> 9.6.p1_1,1
openvpn: 2.6.6 -> 2.6.8_1
opnsense-business: 23.10 -> 23.10.3
opnsense-installer: 23.1 -> 24.1
opnsense-lang: 23.7.4 -> 23.7.11
opnsense-update: 23.7.4 -> 23.7.10_1
os-OPNBEcore: 1.2 -> 1.3
perl5: 5.34.1_3 -> 5.36.3_1
pftop: 0.8_4 -> 0.10
php82: 8.2.11 -> 8.2.14
php82-ctype: 8.2.11 -> 8.2.14
php82-curl: 8.2.11 -> 8.2.14
php82-dom: 8.2.11 -> 8.2.14
php82-filter: 8.2.11 -> 8.2.14
php82-gettext: 8.2.11 -> 8.2.14
php82-ldap: 8.2.11 -> 8.2.14
php82-mbstring: 8.2.11 -> 8.2.14
php82-pcntl: 8.2.11 -> 8.2.14
php82-pdo: 8.2.11 -> 8.2.14
php82-phpseclib: 3.0.23 -> 3.0.34
php82-session: 8.2.11 -> 8.2.14
php82-simplexml: 8.2.11 -> 8.2.14
php82-sockets: 8.2.11 -> 8.2.14
php82-sqlite3: 8.2.11 -> 8.2.14
php82-xml: 8.2.11 -> 8.2.14
php82-zlib: 8.2.11 -> 8.2.14
pkcs11-helper: 1.29.0 -> 1.29.0_1
py39-Babel: 2.13.0 -> 2.14.0
py39-aioquic: 0.9.21 -> 0.9.24
py39-anyio: 4.0.0 -> 4.2.0
py39-certifi: 2023.7.22 -> 2023.11.17
py39-charset-normalizer: 3.3.0 -> 3.3.2
py39-cryptography: 41.0.4,1 -> 41.0.7_2,1
py39-cython: 0.29.36 -> 0.29.37
py39-exceptiongroup: 1.1.3 -> 1.2.0
py39-h2: 4.0.0 -> 4.1.0
py39-httpcore: 0.18.0 -> 1.0.2
py39-httpx: 0.25.0 -> 0.26.0
py39-idna: 3.4_1 -> 3.6
py39-netaddr: 0.9.0 -> 0.10.1
py39-numexpr: 2.8.7 -> 2.8.8
py39-numpy: 1.25.0,1 -> 1.25.0_4,1
py39-outcome: 1.2.0 -> 1.3.0_1
py39-pylsqpack: 0.3.17 -> 0.3.18
py39-trio: 0.22.2 -> 0.24.0
py39-tzdata: 2023.3_1 -> 2023.4
py39-ujson: 5.8.0 -> 5.9.0
py39-urllib3: 1.26.17,1 -> 1.26.18,1
py39-yaml: 6.0 -> 6.0.1
readline: 8.2.1 -> 8.2.7
rrdtool: 1.8.0_2 -> 1.8.0_3
sqlite3: 3.43.1,1 -> 3.44.0_1,1
squid: 5.9 -> 6.6
strongswan: 5.9.11_2 -> 5.9.13
sudo: 1.9.14p3 -> 1.9.15p5
suricata: 6.0.14 -> 6.0.17
unbound: 1.18.0 -> 1.19.3
wpa_supplicant: 2.10_9 -> 2.10_10
Installed packages to be REINSTALLED:
cpdup-1.22 (direct dependency changed: openssl111)
cyrus-sasl-gssapi-2.1.28 (direct dependency changed: openssl111)
gmp-6.3.0 (option added: INFO)
hostapd-2.10_8 (direct dependency changed: openssl111)
isc-dhcp44-server-4.4.3P1 (direct dependency changed: openssl111)
krb5-1.21.2 (direct dependency changed: openssl111)
ldns-1.8.3 (direct dependency changed: openssl111)
libevent-2.1.12 (direct dependency changed: openssl111)
monit-5.33.0 (direct dependency changed: openssl111)
ntp-4.2.8p17_1 (direct dependency changed: openssl111)
openldap26-client-2.6.6 (direct dependency changed: openssl111)
python39-3.9.18 (direct dependency changed: openssl111)
syslog-ng-4.4.0 (direct dependency changed: openssl111)
Number of packages to be installed: 7
Number of packages to be upgraded: 75
Number of packages to be reinstalled: 13
The process will require 19 MiB more space.
93 MiB to be downloaded.
***DONE***
QuoteType opnsense-business
Version 23.10
Architecture amd64
Commit 763f01ff8
Mirror https://opnsense-update.deciso.com/${SUBSCRIPTION}/FreeBSD:13:amd64/23.10
Repositories OPNsense
Updated on Wed Oct 25 15:11:46 UTC 2023
Checked on N/A
0xffffffff
.if (ip_in_subnet($dhcpifconf['failover_peerip'], "{$carp_nw}/{$vipent['subnet_bits']}")) {
2022-08-19T17:17:27 Error dhcpd DHCPDISCOVER from 0a:c4:ad:4b:47:fd via vlan03: peer holds all free leases
2022-08-19T17:17:26 Error dhcpd DHCPDISCOVER from 68:f7:28:fc:c9:f3 via vlan01: peer holds all free leases
2022-08-19T17:17:16 Error dhcpd DHCPDISCOVER from 68:f7:28:fc:c9:f3 via vlan01: peer holds all free leases
root@fw-slave:~ # netstat -na
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
[...]
tcp4 0 0 10.203.1.252.520 *.* LISTEN
tcp4 0 0 10.203.5.252.520 *.* LISTEN
[...]
root@fw-master:~ # grep -B3 -A35 ZETSU /usr/local/etc/inc/plugins.inc.d/dhcpd.inc
if (!empty($dhcpifconf['failover_peerip'])) {
$intip = get_interface_ip($dhcpif, $ifconfig_details);
/* ZETSU $failover_primary = false; */
$failover_primary = true;
if (!empty($config['virtualip']['vip'])) {
foreach ($config['virtualip']['vip'] as $vipent) {
if ($vipent['interface'] == $dhcpif) {
$carp_nw = gen_subnet($vipent['subnet'], $vipent['subnet_bits']);
if (ip_in_subnet($dhcpifconf['failover_peerip'], "{$carp_nw}/{$vipent['subnet_bits']}")) {
/* this is the interface! */
if (is_numeric($vipent['advskew']) && (intval($vipent['advskew']) < 20)) {
$failover_primary = true;
}
break;
}
}
}
} else {
log_error('Warning! DHCP Failover setup and no CARP virtual IPs defined!');
}
$dhcpdconf_pri = "";
if ($failover_primary) {
$my_port = "519";
$peer_port = "520";
$type = "primary";
$dhcpdconf_pri = "split 128;\n";
if (isset($dhcpifconf['failover_split'])) {
$dhcpdconf_pri = "split {$dhcpifconf['failover_split']};\n";
}
$dhcpdconf_pri .= " mclt 600;\n";
} else {
$type = "secondary";
$my_port = "520";
$peer_port = "519";
}
root@fw-master:~ # ifconfig
igb0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: Cluster
options=4800028<VLAN_MTU,JUMBO_MTU,NOMAP>
ether 00:30:18:01:6c:28
inet 10.203.0.1 netmask 0xfffffff8 broadcast 10.203.0.7
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
igb1: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: Emergency
options=4800028<VLAN_MTU,JUMBO_MTU,NOMAP>
ether 00:30:18:01:6c:29
inet 192.168.23.253 netmask 0xffffff00 broadcast 192.168.23.255
media: Ethernet autoselect
status: no carrier
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
igb2: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=4800028<VLAN_MTU,JUMBO_MTU,NOMAP>
ether 00:30:18:01:6c:2a
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
igb3: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=4800028<VLAN_MTU,JUMBO_MTU,NOMAP>
ether 00:30:18:01:6c:2a
hwaddr 00:30:18:01:6c:2b
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
igb4: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=4800028<VLAN_MTU,JUMBO_MTU,NOMAP>
ether 00:30:18:01:6c:2a
hwaddr 00:30:18:01:6c:2c
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
igb5: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=4800028<VLAN_MTU,JUMBO_MTU,NOMAP>
ether 00:30:18:01:6c:2a
hwaddr 00:30:18:01:6c:2d
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
enc0: flags=0<> metric 0 mtu 1536
groups: enc
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x8
inet 127.0.0.1 netmask 0xff000000
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
pflog0: flags=20100<PROMISC,PPROMISC> metric 0 mtu 33160
groups: pflog
pfsync0: flags=41<UP,RUNNING> metric 0 mtu 1500
pfsync: syncdev: igb0 syncpeer: 10.203.0.2 maxupd: 128 defer: off
syncok: 1
groups: pfsync
lagg0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=4800028<VLAN_MTU,JUMBO_MTU,NOMAP>
ether 00:30:18:01:6c:2a
laggproto lacp lagghash l2,l3,l4
laggport: igb2 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
laggport: igb3 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
laggport: igb4 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
laggport: igb5 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
groups: lagg
media: Ethernet autoselect
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
vlan01: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: Management
options=4000000<NOMAP>
ether 00:30:18:01:6c:2a
inet 10.203.5.253 netmask 0xffffff00 broadcast 10.203.5.255
inet 10.203.5.254 netmask 0xffffffff broadcast 10.203.5.254 vhid 3
groups: vlan
carp: MASTER vhid 3 advbase 1 advskew 0
vlan: 5 vlanproto: 802.1q vlanpcp: 0 parent interface: lagg0
media: Ethernet autoselect
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
vlan02: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: LAN
options=4000000<NOMAP>
ether 00:30:18:01:6c:2a
inet 192.168.0.213 netmask 0xffffff00 broadcast 192.168.0.255
inet 192.168.0.254 netmask 0xffffffff broadcast 192.168.0.254 vhid 4
groups: vlan
carp: MASTER vhid 4 advbase 1 advskew 0
vlan: 2 vlanproto: 802.1q vlanpcp: 0 parent interface: lagg0
media: Ethernet autoselect
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
vlan03: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: Ospiti
options=4000000<NOMAP>
ether 00:30:18:01:6c:2a
inet 10.203.1.253 netmask 0xffffff00 broadcast 10.203.1.255
inet 10.203.1.254 netmask 0xffffffff broadcast 10.203.1.254 vhid 1
groups: vlan
carp: MASTER vhid 1 advbase 1 advskew 0
vlan: 4 vlanproto: 802.1q vlanpcp: 0 parent interface: lagg0
media: Ethernet autoselect
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
vlan04: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: WAN
options=4000000<NOMAP>
ether 00:30:18:01:6c:2a
inet [snip...] netmask 0xfffffff8 broadcast 185.100.109.151
inet [snip...] netmask 0xfffffffc broadcast 185.100.109.151 vhid 2
groups: vlan
carp: MASTER vhid 2 advbase 1 advskew 0
vlan: 99 vlanproto: 802.1q vlanpcp: 0 parent interface: lagg0
media: Ethernet autoselect
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
ovpns1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
options=80000<LINKSTATE>
inet 192.168.203.1 --> 192.168.203.2 netmask 0xfffffff8
groups: tun openvpn
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
Opened by PID 54350
ovpns2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
options=80000<LINKSTATE>
inet 192.168.203.33 --> 192.168.203.34 netmask 0xffffffe0
groups: tun openvpn
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
Opened by PID 93215
root@fw-master:~ #
root@fw-slave:~ # ifconfig
igb0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: Cluster
options=4800028<VLAN_MTU,JUMBO_MTU,NOMAP>
ether 00:30:18:01:66:b2
inet 10.203.0.2 netmask 0xfffffff8 broadcast 10.203.0.7
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
igb1: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: Emergency
options=4800028<VLAN_MTU,JUMBO_MTU,NOMAP>
ether 00:30:18:01:66:b3
inet 192.168.23.252 netmask 0xffffff00 broadcast 192.168.23.255
media: Ethernet autoselect
status: no carrier
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
igb2: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=4800028<VLAN_MTU,JUMBO_MTU,NOMAP>
ether 00:30:18:01:66:b4
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
igb3: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=4800028<VLAN_MTU,JUMBO_MTU,NOMAP>
ether 00:30:18:01:66:b4
hwaddr 00:30:18:01:66:b5
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
igb4: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=4800028<VLAN_MTU,JUMBO_MTU,NOMAP>
ether 00:30:18:01:66:b4
hwaddr 00:30:18:01:66:b6
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
igb5: flags=8963<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=4800028<VLAN_MTU,JUMBO_MTU,NOMAP>
ether 00:30:18:01:66:b4
hwaddr 00:30:18:01:66:b7
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x7
inet 127.0.0.1 netmask 0xff000000
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
enc0: flags=0<> metric 0 mtu 1536
groups: enc
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
pfsync0: flags=0<> metric 0 mtu 1500
groups: pfsync
pflog0: flags=20100<PROMISC,PPROMISC> metric 0 mtu 33160
groups: pflog
lagg0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=4800028<VLAN_MTU,JUMBO_MTU,NOMAP>
ether 00:30:18:01:66:b4
laggproto lacp lagghash l2,l3,l4
laggport: igb2 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
laggport: igb3 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
laggport: igb4 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
laggport: igb5 flags=1c<ACTIVE,COLLECTING,DISTRIBUTING>
groups: lagg
media: Ethernet autoselect
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
vlan01: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: Management
options=4000000<NOMAP>
ether 00:30:18:01:66:b4
inet 10.203.5.252 netmask 0xffffff00 broadcast 10.203.5.255
inet 10.203.5.254 netmask 0xffffffff broadcast 10.203.5.254 vhid 3
groups: vlan
carp: BACKUP vhid 3 advbase 1 advskew 100
vlan: 5 vlanproto: 802.1q vlanpcp: 0 parent interface: lagg0
media: Ethernet autoselect
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
vlan02: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: LAN
options=4000000<NOMAP>
ether 00:30:18:01:66:b4
inet 192.168.0.212 netmask 0xffffff00 broadcast 192.168.0.255
inet 192.168.0.254 netmask 0xffffffff broadcast 192.168.0.254 vhid 4
groups: vlan
carp: BACKUP vhid 4 advbase 1 advskew 100
vlan: 2 vlanproto: 802.1q vlanpcp: 0 parent interface: lagg0
media: Ethernet autoselect
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
vlan03: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: Ospiti
options=4000000<NOMAP>
ether 00:30:18:01:66:b4
inet 10.203.1.252 netmask 0xffffff00 broadcast 10.203.1.255
inet 10.203.1.254 netmask 0xffffffff broadcast 10.203.1.254 vhid 1
groups: vlan
carp: BACKUP vhid 1 advbase 1 advskew 100
vlan: 4 vlanproto: 802.1q vlanpcp: 0 parent interface: lagg0
media: Ethernet autoselect
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
vlan04: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: WAN
options=4000000<NOMAP>
ether 00:30:18:01:66:b4
inet [snip...] netmask 0xfffffff8 broadcast 185.100.109.151
inet [snip...] netmask 0xfffffffc broadcast 185.100.109.151 vhid 2
groups: vlan
carp: BACKUP vhid 2 advbase 1 advskew 100
vlan: 99 vlanproto: 802.1q vlanpcp: 0 parent interface: lagg0
media: Ethernet autoselect
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
ovpns1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
options=80000<LINKSTATE>
inet 192.168.203.1 --> 192.168.203.2 netmask 0xfffffff8
groups: tun openvpn
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
Opened by PID 30516
ovpns2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
options=80000<LINKSTATE>
inet 192.168.203.33 --> 192.168.203.34 netmask 0xffffffe0
groups: tun openvpn
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
Opened by PID 30997
root@fw-slave:~ # cat /var/dhcpd/etc/dhcpd.conf
option domain-name "dave.lan";
option ldap-server code 95 = text;
option arch code 93 = unsigned integer 16; # RFC4578
option pac-webui code 252 = text;
default-lease-time 7200;
max-lease-time 86400;
log-facility local7;
one-lease-per-client true;
deny duplicates;
ping-check true;
update-conflict-detection false;
authoritative;
failover peer "dhcp_opt4" {
secondary;
address 10.203.1.252;
port 520;
peer address 10.203.1.253;
peer port 519;
max-response-delay 10;
max-unacked-updates 10;
load balance max seconds 3;
}
failover peer "dhcp_opt2" {
secondary;
address 10.203.5.252;
port 520;
peer address 10.203.5.253;
peer port 519;
max-response-delay 10;
max-unacked-updates 10;
load balance max seconds 3;
}
subnet 10.203.1.0 netmask 255.255.255.0 {
pool {
option domain-name-servers 10.203.1.254;
deny dynamic bootp clients;
failover peer "dhcp_opt4";
range 10.203.1.100 10.203.1.199;
}
option routers 10.203.1.254;
option domain-name-servers 10.203.1.254;
}
subnet 10.203.5.0 netmask 255.255.255.0 {
pool {
option domain-name-servers 10.203.5.254;
deny dynamic bootp clients;
ignore-client-uids true;
failover peer "dhcp_opt2";
range 10.203.5.100 10.203.5.109;
}
option routers 10.203.5.254;
option domain-name-servers 10.203.5.254;
}