Netgate SG-1000 microFirewall

Author Topic: CARP and (HE.net) GIF tunnel  (Read 104 times)

0 Members and 1 Guest are viewing this topic.

Offline Polderdijk

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
CARP and (HE.net) GIF tunnel
« on: October 30, 2017, 04:18:07 am »
I setup CARP with one ISP and 2 PFSense boxes. Everything works as expected if I disable CARP on the primary.

The only thing is the HE.net tunnel, everything will go in Master status on the slave if i set 'Disable CARP' on the primary. But IPv4 works, but IP6 not. The Gateway to HE.net is shown as Online on the slave, but there is no IPv6 connectivity. I can ping the IPv6 CARP ip, also the IPv6 slave IP but if i ping the GIF tunnel local address or GIF tunnel remote address (or any other IPv6 outside LAN) then i get a PING: transmit failed. General failure.


My setup:

GIF HE.net tunnel is setup with this manual: https://doc.pfsense.org/index.php/Using_IPv6_with_a_Tunnel_Broker. Because of CARP i change the GIF parent interface to the WAN CARP IP.

Also created a IPv6 CARP IP on top of the LAN-interface (and set my clients to use this IP as gateway).

I have IPv6 internet, can ping6 the master, slave and CARP IPv6 IP-adres. So i think everything is setup correct?

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 21312
  • Karma: +1423/-26
    • View Profile
Re: CARP and (HE.net) GIF tunnel
« Reply #1 on: November 08, 2017, 09:25:59 am »
Compare the interface settings (ifconfig -a) and routing tables (netstat -rn) on both nodes in each state, see if there is anything different.
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!