I am looking to do a HA setup
Master will be a Proxmox VM
Secondary will be a physical Sophos XG450 appliance
Do I understand right, because the interfaces on each machine will probably be named different,
high availability wont work?
You can create a lagg interface with a single member from each physical or virtual port forcing the names to be identical.
Or just rename them on Proxmox (rename the virtual NIC attached to the VM).
But your understanding is correct. In order to sync properly it has to have same naming conventions.
Regards,
S.
You can force the interface name by using device hints.
Edit device.hints from the shell and edit (or create) the file /boot/device.hints
Add entries to bind the MAC address to a specific device name.
Example: To make a specific Intel card (igb0) always be lan0:
hint.igb.0.mac="00:11:22:33:44:55"
hint.igb.0.name="lan0"
This will keep the interface names identical between your boxes.
Quote from: falken on February 27, 2026, 04:31:16 PMhint.igb.0.mac="00:11:22:33:44:55"
hint.igb.0.name="lan0"
Wow! TIL. Thanks!
Quote from: falken on February 27, 2026, 04:31:16 PMYou can force the interface name by using device hints.
Edit device.hints from the shell and edit (or create) the file /boot/device.hints
Add entries to bind the MAC address to a specific device name.
Example: To make a specific Intel card (igb0) always be lan0:
hint.igb.0.mac="00:11:22:33:44:55"
hint.igb.0.name="lan0"
This will keep the interface names identical between your boxes.
ooookay this is sick. Thanks for the tip!
I know the answer, but.... Why This is not a thing directly in the GUI? :)
Regards,
S.
Quote from: Seimus on February 27, 2026, 06:36:50 PMQuote from: falken on February 27, 2026, 04:31:16 PMYou can force the interface name by using device hints.
Edit device.hints from the shell and edit (or create) the file /boot/device.hints
Add entries to bind the MAC address to a specific device name.
Example: To make a specific Intel card (igb0) always be lan0:
hint.igb.0.mac="00:11:22:33:44:55"
hint.igb.0.name="lan0"
This will keep the interface names identical between your boxes.
ooookay this is sick. Thanks for the tip!
I know the answer, but.... Why This is not a thing directly in the GUI? :)
Regards,
S.
I just realize you should be able to add these from the Tunables section of the GUI as well as new entries, which would probably be a better idea here anyway. :)
While this is a nice trick, would it not cause problems when the configuration gets synchronized?
Let's picture one system with an interface named igb0 and one with vtnet0.
Set these tunables on both systems:
hint.igb.0.mac="00:11:22:33:44:55"
hint.vtnet.0.mac="00:22:33:44:55:66"
hint.igb.0.name="lan0"
hint.vtnet.0.name="lan0"
Now think about what happens on each system where only one of the interfaces exists - exactly the desired outcome!
This assumes that the mac/name hint construct is supported for all interface drivers, which I currently don't know.
That is what I meant: Sure, it causes no immediate conflicts, iff the MACs are different. However, you must set the aliases on both sides in advance, not just one. Otherwise, a fail-over would null the existing settings.
A failover does not sync tunables but an XMLRPC config sync does, if sync of tunables is included in the HA configuration.
But of course every HA setup requires careful consideration and planning.
Quote from: meyergru on March 04, 2026, 03:35:12 PMThat is what I meant: Sure, it causes no immediate conflicts, iff the MACs are different. However, you must set the aliases on both sides in advance, not just one. Otherwise, a fail-over would null the existing settings.
Yeah you would want to make sure they all are set on all servers.
Quote from: Patrick M. Hausen on March 04, 2026, 03:41:51 PMA failover does not sync tunables but an XMLRPC config sync does, if sync of tunables is included in the HA configuration.
Uhm well I would not sync tunables across the cluster anyway.
This stuff is done per device per HW. So even if I get two of the same HW, I would not sync it as its fine tuning and needs to be tailored to a specific device.
Regards,
S.