PFSense router introducing loss into network on LAN interface


Experiencing some weird issues when trying to set up a new set of routers.

We have a single WAN coming into two pfSense boxes, with CARP between them on its own interface, and a shared public IP along with a public IP assigned to each box, and on the LAN side a shared LAN IP, and then a LAN IP assigned to each box; nothing too "complicated" as far as I'm aware.

If I log in to the router directly, I can ping any site with no loss –, slashdot, my own home servers. However, if I connect from a system on the LAN side I'm getting anything between 15 – 60% packet loss. However, pinging the router directly works with no issues.

Sample of the pings can be seen here:

I've disabled all services other than NTPsync and the DNS forwarder.

I'm kind of at a complete loss. The network itself is a bit more complicated. As this is a new set of routers we are doing, there is also an existing pfSense box, which everyone is using currently as their gateway (so I can't turn this off/remove it). However, I don't see why this would have any effect on the new systems.

Your help is very much appreciated.

As requested, as best as I can produce, a graph showing the current network. It's far larger than pictured, with lots more subnets etc.; however, this shows the scope of the current testing and shows where the loss appears.

Best Answer

Get a packet capture on LAN and see what's happening. Is the lost traffic making it to the LAN side? My guess is it's not; the most likely causes would be either an IP conflict or a MAC conflict (such as using the same CARP VHID on a different pair).
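
The two conflicts named in the answer can be checked mechanically once the capture exists. This is an added example, not part of the original answer: it assumes the capture was printed as text in the style of `tcpdump -e -n`, and the addresses, the sample lines and the `find_conflicts` helper are constructed for illustration.

```python
import re
from collections import defaultdict

# Assumed input: text lines in the style of `tcpdump -e -n` taken on the LAN interface.
ARP_REPLY = re.compile(
    r"Reply (\d+(?:\.\d+){3}) is-at ((?:[0-9a-f]{2}:){5}[0-9a-f]{2})", re.I)
# CARP advertisements go to 224.0.0.18; tcpdump decodes them as VRRP by default,
# so the VHID shows up as "vrid".
CARP_ADV = re.compile(r"(\d+(?:\.\d+){3}) > 224\.0\.0\.18: .*?vrid (\d+)")

def find_conflicts(lines, expected_advertisers):
    """Return (ip_conflicts, vhid_conflicts) found in the capture text.

    expected_advertisers maps a VHID to the real LAN IPs of the pair that owns it.
    """
    ip_to_macs = defaultdict(set)       # IP conflict: one IP answered by several MACs
    vhid_to_sources = defaultdict(set)  # MAC conflict: a VHID advertised by a stranger
    for line in lines:
        arp = ARP_REPLY.search(line)
        if arp:
            ip_to_macs[arp.group(1)].add(arp.group(2).lower())
        adv = CARP_ADV.search(line)
        if adv:
            vhid_to_sources[int(adv.group(2))].add(adv.group(1))
    ip_conflicts = {ip: sorted(m) for ip, m in ip_to_macs.items() if len(m) > 1}
    vhid_conflicts = {}
    for vhid, sources in vhid_to_sources.items():
        strangers = sources - expected_advertisers.get(vhid, set())
        if strangers:
            vhid_conflicts[vhid] = sorted(strangers)
    return ip_conflicts, vhid_conflicts

# Constructed sample: the new pair is 10.0.0.2/10.0.0.3 on VHID 1, and another box
# (10.0.0.250) advertises VHID 1 too. Both then share the CARP virtual MAC
# 00:00:5e:00:01:01, so the switch keeps relearning it on different ports.
ADV = ("12:00:0%d.000000 00:00:5e:00:01:01 > 01:00:5e:00:00:12, ethertype IPv4 "
       "(0x0800), length 70: %s > 224.0.0.18: VRRPv2, Advertisement, vrid 1, "
       "prio 0, authtype none, intvl 1s, length 36")
ARP = ("12:00:0%d.000000 %s > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), "
       "length 60: Reply %s is-at %s, length 46")
SAMPLE = [
    ADV % (1, "10.0.0.2"),
    ADV % (2, "10.0.0.250"),
    ARP % (3, "aa:bb:cc:00:00:01", "10.0.0.50", "aa:bb:cc:00:00:01"),
    ARP % (4, "aa:bb:cc:00:00:02", "10.0.0.50", "aa:bb:cc:00:00:02"),
    ARP % (5, "00:00:5e:00:01:01", "10.0.0.1", "00:00:5e:00:01:01"),
]
EXPECTED = {1: {"10.0.0.2", "10.0.0.3"}}

if __name__ == "__main__":
    print(find_conflicts(SAMPLE, EXPECTED))
```
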