Quote:
Originally Posted by Robby Cauwerts  Hi,
check your arp setting on the two firewall nodes with:
fw ctl arp
This will show you the static arp settings.
What do you mean with "which are my 2 interfaces connected to the internet, each with an own public net."
Check what's going on on the wire with tcpdump on your external interfaces when you do a manual failover
Further:
echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
This method is not recommended, as SecurePlatform periodically resets this to 0
You should create a file local.arp that contains the arp entries. More/latest info about this: check SecureKnowledge and search for sk25851.
Kr.
Robby |
thanks,
i thought
fw ctl arp relies only to automatic arp. i do it manually.
the output is:
No proxy ARP entries until now SPLAT doesn't overwrite my proxy_arp settings.
isn't local.arp only for windows?
when using the "
addarp"-command the mac-address is added to the ethers-file and restored at boot-time.
eth0 and eth1 are connected to the internet with different isps (NO dialup).
with my service-level i don't have access to sk25851 :-(