Hi Pablo. Thank you for the answer. > > Better use the primary-backup.sh script that is included in the > conntrack-tools package. You can find it under doc/sync. That script > should be called by your HA manager during the failover. Already done. I've included /usr/share/doc/conntrackd/examples/sync/ftfw/script_master.sh in vip-up.sh (the ucarp script called when failover occours): -----------vip-up.sh-------------------------- #! /bin/sh exec 2> /dev/null /sbin/ip addr add "$2"/24 dev "$1" # or alternatively: # /sbin/ifconfig "$1":254 "$2" netmask 255.255.255.0 #!/bin/sh /usr/sbin/conntrackd -c # commit the cache /usr/sbin/conntrackd -f # flush the caches /usr/sbin/conntrackd -R # resync with kernel conntrack table ----------------------------------------------- and of course i did the same with script_backup.sh in vip-down.sh Now I'm switching to keepalived (to stick more with provided examples) and i am doing some other experiment and i let you know how far i'll go with that. In the meantime, as i asked before, is there any way to increment log verbosity to understand what's going on (in /var/log/conntrackd.log)? Thanks again Regards Simone Zaffalon -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html