OPNsense Forum

Archive => 18.1 Legacy Series => Topic started by: remd on March 23, 2018, 07:12:10 pm

Title: 18.1.5 update and CARP lottery
Post by: remd on March 23, 2018, 07:12:10 pm
I have two lines of firewalls on opnsense appliances, I have updated all 4 of them from 18.1.2 to 18.1.5, for two of them no problem but CARP was messed up for the other 2.
Apparently the CARP configuration got lost during the 18.1.5 update on the backup firewall, so I configured it again, the system was very slow after that but was ok again after a reboot.
The problem however remains with CARP, it has been stable with 18.1.2, and I haven't touched any hardware during the update, but now both system's 7 VLANs Master/Backup will change randomly after some time or a reboot.
for example I have about 3 VLAN's with Master/Backup as they should be and 4 are Master on the Backup and Backup on the Master, and this can change after some time or a reboot seemingly randomly.
Again this was all stable before the update, and its not the first time CARP gets unstable after an update, last time it went stable again after some time and another update, I just don't dare use this system fully in production yet without a backup connection :/

I have tried to revert to 18.1.4, but that didnt help so I updated again to 18.1.5.

Does anyone have any advice where to look and troubleshoot this  ?
Title: Re: 18.1.5 update and CARP lottery
Post by: mimugmail on March 23, 2018, 07:24:12 pm
You could try downgrade the kernel:

# opnsense-update -kr 18.1
# /usr/local/etc/rc.reboot

Don't know if there were some driver issues ..
Title: Re: 18.1.5 update and CARP lottery
Post by: franco on March 24, 2018, 01:38:45 pm
CARP wasn't changed and we don't forcefully flush partial configuration. It doesn't make much sense anyway since everything is in a single config.xml so it's either all was removed or none of it (by accident).

Check your config history to see when and why the CARP configuration disappeared. It's under System: Configuration: History and you can diff each change quite easily.


Cheers,
Franco
Title: Re: 18.1.5 update and CARP lottery
Post by: remd on March 26, 2018, 11:09:19 am
Thanks for your replies, as you may have noticed I was a bit frustrated by this when I posted about it, and it didnt make much sense to me either..

Anyway to clarify the CARP configuration on the main backup was flushed somehow during the upgrade, only the ip of the master in "Synchronized peer" remained all the rest was unconfigured/unchecked, while it was there before the upgrade.
I don't know why, its just what happened..  I can only speculate there may have been a check that didnt pass and as a result the config was removed, or it wasn't copied over or.. I don't know.

When I check the history there are a number of occurrences as I update the CARP config again, tried to downgrade/upgrade etc..
But if I check between the last change and update I only see this in the diff:
"<description>/usr/local/opnsense/mvc/script/run_migrations.php made changes</description>"

In any case the configuration is done again, but I have 3 vlans where the master and backup are reversed, I'll also have to investigate if the instability has anything to do with the switch they are connected to.