pfsync multicast message

Started by atom, October 02, 2020, 05:34:31 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
October 02, 2020, 05:34:31 PM Last Edit: October 04, 2020, 01:13:16 PM by atom
Hi,

I see deny messages for pfsync from the WAN address in the firewall log, even though pfsync is configured with IP addresses and not multicast (on both sides).

Regards,
atom
October 04, 2020, 01:13:24 PM #1
I'm using a dedicated interface for pfsync:

Code Select

ifconfig pfsync0
pfsync0: flags=41<UP,RUNNING> metric 0 mtu 1500
        pfsync: syncdev: ix2 syncpeer: 10.0.0.0.1 maxupd: 128 defer: off
        groups: pfsync


Code Select

ifconfig ix2
ix2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8538b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO>
        ether ac:1f:6b:b5:fe:a6
        inet 10.0.0.2 netmask 0xffffff00 broadcast 10.0.0.255
        inet6 fe80::ae1f:6bff:feb5:fea6%ix2 prefixlen 64 scopeid 0x3
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>


Code Select

tcpdump -ni ix0 proto pfsync:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ix0, link-type EN10MB (Ethernet), capture size 262144 bytes
13:03:40.792965 IP xxx.xxx.xxx.xxx > 224.0.0.240: PFSYNCv5 len 1278
    insert count 3
    update compressed count 5
    delete compressed count 8
    eof count 1
13:03:40.871131 IP xxx.xxx.xxx.xxx > 224.0.0.240: PFSYNCv5 len 1326
    insert count 5
    update compressed count 1
    eof count 1


Print
Go Up Pages1
User actions