Hello list,
I currently have active-active CARP of two nodes with relayd and relayd(pf)
stops forwarding packets if I do a "large file download".
Setup:
two OpenBSD 5.3 connected to a Cisco stack, with 'balancing ip-stealth' on
external and 'balancing arp' on internal.
Both external and internal are connected to the same stack, except that
external has its' own VLAN.
relayd handles redirects to internal web-farm and all works fine, until the
download of rather big file(600MB) is initiated from this farm.
Then PF just stops to rdr packets in both directions.
redirect www {
listen on $EXT1 port $def_ext_httpport
listen on $EXT2 port $def_ext_httpport
tag WWW
sticky-address
forward to <webpool> port $int_httpport mode least-states check script
"/etc/check_web.sh"
forward to <web_fallback> port $int_httpport mode least-states check
http "/" code 200
}
What I can see in tcpdump, then it happens, is that internal machines which
just worked normally and handled this download, tries to push packets out, but
I don't see anything come out towards the remote host. relayd however reports
that all hosts, including this one, are up.
Of cause my CARP setup has pfsync with 'defer on', so states should not be a
problem in this case.
However, then I bring down one of the nodes into BACKUP on ALL carp, this large
http-download works as expected, e.g.. it completes and does not stales. So as
long as ONE of two nodes handles all traffic - it's all OK.
Any ideas?
//mxb
