OPNsense Forum

English Forums => General Discussion => Topic started by: noahmehl on December 29, 2018, 09:36:30 pm

Title: pfSync problem on 18.7.9
Post by: noahmehl on December 29, 2018, 09:36:30 pm

I have two hosts with a back to back cable on igb0.  They have IP addresses on the CARP interface (lan) of 10.255.255.2/24 and 10.255.255.3/24.  I have enabled Synchronize States on both hosts on that interface.  I have left the peer to the default (empty) value (multicast I assume).

However, this is not working.  When I tcp dump on the igb0 interface on both hosts, there is no traffic with the pf states...

I'm not sure how to debug this.  I've tried setting the peer IP address to the IPv4 address of the partner, and that didn't change anything either.

Title: Re: pfSync problem on 18.7.9
Post by: iMx on January 26, 2019, 09:57:52 am

I've just ordered another node to make a slave, so plan to tackle this soon - but from my prior reading, I believe you have to set the opposing unicast address on BOTH nodes (from another forum post on this forum).

Also the pfSense docs helped to clarify things for me, I think:

https://www.netgate.com/docs/pfsense/highavailability/configuring-high-availability.html

Enable State Synchronization (pfsync)

Title: Re: pfSync problem on 18.7.9
Post by: iMx on January 26, 2019, 10:06:53 am

Oh. And make sure the sync interface on both modes has an any any allow rule, if directly cabled this should be fine.

Title: Re: pfSync problem on 18.7.9
Post by: iMx on January 29, 2019, 04:58:18 pm

Works for me, my other node just arrived :)

Title: Re: pfSync problem on 18.7.9
Post by: noahmehl on February 26, 2019, 08:52:53 pm

Can you link for the forum post for "opposing unicast address"?