Thread: failover nat-problem
View Single Post
  #2 (permalink)  
Old 2006-10-23
Robby Cauwerts Robby Cauwerts is offline
Senior Member
  
Join Date: 2006-10-05
Location: Belgium
Posts: 108
Rep Power: 3
Robby Cauwerts has an average reputation (10+)
Default Re: failover nat-problem
Hi,

check your arp setting on the two firewall nodes with:
fw ctl arp

This will show you the static arp settings.


What do you mean with "which are my 2 interfaces connected to the internet, each with an own public net."

Check what's going on on the wire with tcpdump on your external interfaces when you do a manual failover

Further:
echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
This method is not recommended, as SecurePlatform periodically resets this to 0

You should create a file local.arp that contains the arp entries. More/latest info about this: check SecureKnowledge and search for sk25851.

Kr.
Robby
Last edited by Robby Cauwerts; 2006-10-23 at 06:47.
Reply With Quote