Hi Any ideas with this one please? I have 2 openBSD boxes running as pair of firewalls using CARP + PF. This set up is already working for 12 months. Last week I was troubleshooting network problems reported by my clients and I noticed that several CARP interfaces had failed over. I checked that there were no more problems with the Primary firewall and I set the interfaces on the backup firewall back to "BACKUP" and made sure that the the primary firewall interfaces were all set to "MASTER". However I had intermittent timeout problems for the next 24hrs. Eventually I enabled "loud" debugging on PF and I saw that traffic was coming through both firewalls evenn though the backup firewall has all its CARP interfaces set back to "BACKUP". I tried several basic TCP debugging techniques but in the end I set all of the CARP interfaces on the backup firewall to "down". This is where I am at the moment. Can anyone point me in the direction of how I can investigate this further. I want to bring up the backup firewall interfaces as soon as possible so that I have my redundant set up but at the moment I am at a loss to think of what could be wrong. The only thing I can think off is that I have accidentally enabled load balancing - but I have checked the basics from the CARP documentation and , on the surface it does not look like it. I am running "4.1 GENERIC#874 amd64"
Regards Jonathan
