Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.7 Legacy Series
»
CARP failing over (and activating addresses) before settings are applied.
« previous
next »
Print
Pages: [
1
]
Author
Topic: CARP failing over (and activating addresses) before settings are applied. (Read 2666 times)
noses
Newbie
Posts: 6
Karma: 0
CARP failing over (and activating addresses) before settings are applied.
«
on:
November 21, 2018, 01:05:19 pm »
Version 18.7.7 (and probably in all versions before because nobody ever looked at it)
Try:
1) Set up a set of paired OPNsenses.
2) Start adding CARP interfaces on the master but
do not apply changes
(e. g. because you want to have them created all at once as you are working in a live environment).
3) Take a look at Firewall->Virtual IPs->Status on the backup machine.
You will find it to be master for all the new interfaces you created.
This thoroughly cramped my style... I wanted to set up the final pieces on the replacement router by adding all the CARP interfaces to take over the router IP addresses across a collection of separate network segments at once and suddenly around me chaos broke out because the backup machine started messing up ARP tables by becoming active.
If this is an intentional feature it should be documented in a highly visible place... And if this is the intention what is the "Apply changes" button intended for?
Achim
«
Last Edit: November 21, 2018, 01:06:53 pm by noses
»
Logged
AdSchellevis
Administrator
Hero Member
Posts: 904
Karma: 183
Re: CARP failing over (and activating addresses) before settings are applied.
«
Reply #1 on:
November 21, 2018, 06:27:10 pm »
Can you create an issue on GitHub for this (
https://github.com/opnsense/core
), this looks like old behaviour we should change....
When writing the config, it calls :
https://github.com/opnsense/core/blob/9634dc64fc0b1deb019563994af51b47ce29d08d/src/etc/inc/config.inc#L164
Which then calls:
https://github.com/opnsense/core/blob/9634dc64fc0b1deb019563994af51b47ce29d08d/src/etc/rc.filter_synchronize#L168
And triggers a setup on the backup:
https://github.com/opnsense/core/blob/9634dc64fc0b1deb019563994af51b47ce29d08d/src/etc/inc/xmlrpc/legacy.inc#L200-L234
I think we should skip the whole sync on config write idea in 19.1 and leave it up to the user, since we have a status page for this now so we avoid changes being made which may lead to an invalid configuration.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
18.7 Legacy Series
»
CARP failing over (and activating addresses) before settings are applied.