Messages

Intel X550 supports 10/5/2.5/1, currently using X550-T2 in HA configuration connecting to Comcast 2.5GbE ports on modem for 1.2Gb internet

Have you read thru the docs? I used these myself when configuring my HA setup.
https://docs.opnsense.org/manual/hacarp.html

Would you provide more detail of your configuration? I would like to try this configuration myself, do not have dual ISPs just 5 public IP's within the same /29.

Thanks
Z00m

I haven't used this util in a couple of years and it does work with OPNsense..
https://github.com/KoenZomers/pfSenseBackup

https://www.routerperformance.net/opnsense-repo/

Search thru the forum on VMware and/or ESX and you'll find many other posts. If you are creating a none HA firewall. you need to modify your PortGroup and enable Promiscuous mode, MAC address changes and Forged transmits.

If you are attempting to create an HA pair, the only way I've been successful to get an HA pair to work is use the same options with a vDS (Distributed Switch). Even then I finally had to tag the WAN side to get it to work.

Hopefully this helps, attaching a screen shot of the "Security section" where the above options are disabled by default.

Rebuild an HA Cluster configuration. speedtest info within the GUI showed nothing. Checked the speedtest.csv file it didn't have a duplicate entry, nano did say it was converting from a DOS file. Nothing looked wrong, so I renamed speedtest.csv to speedtest.csv.org and ran "python3 opn_speedtest.py" which recreated the speedtest.csv file and populated it with speed output information. Information now shows in the widget in the GUI.

I have comcast business myself with 5 IP's. so the only item I can suggest is have you spoofed the WAN mac address of your current firewall into OPNsense. I know on the residential side they use to remember your WAN mac address and I use to leave the firewall/modem off for about 1 hr to get it to release. using  a /32 is like a VPN connection it's the GW.

https://docs.opnsense.org/manual/interfaces.html

Has this been attempted on HA?

Thanks for the input, I forgot to mention in my initial post that I did try the passive node first.
Also on the primary node, I did put it into CARP maintenance mode and update found nothing to install.
Even rebooted the primary node while in CARP maintenance mode and update found nothing to install.

I'll look into this later. I did do some trickyness to these units. I moved /var & /tmp off the SSD onto second hard drive, this should not be the cause I hope.

Even turned IPv6 off to see if that helped with no luck. It's strange how the cron job runs everynight to check for updates and changes the status on the home page, then doesn't update anything.

Maybe I'll built up some VMs and see what happens.

I do have 1 strange item with this HA cluster.
Hulu & ParamountPlus will not stream thru this cluster.
They stream fine thru an old Atom CPU not in HA cluster and thru other standalone OPNsense FWs. And other streaming services work just fine. I'm going to packet capture it and see what it looks like.

All,
     I haven't looked into this much yet. I have a newly created HA cluster that was installed with 23.7 and upgraded to 23.7.5 before creating an HA cluster. The GUI shows pending update available, but when you click to proceed to upgrade it goes thru the process and says no updates available.
     I know updates are available as several standalone OPNsense 23.7.5 boxes showed the same pending update and they updated to 23.7.6.
     Any suggestions on what to troubleshoot? I've done the following so far.
     1) attempted to update from passive node, no success.
     2) attempted to update from active node, no success.
     3) put node1 (active) into maintenance mode and update, no success.
     4) change update server selection, no success.
     5) perform all update items via console, no success.
     6) attempted to update via pkg upgrade, no success.
     
     It's strange that standalone(s) will update, but the HA cluster will not.

Look at the information provided here.
https://bsd44.blogspot.com/2004/12/vmstat.html

Looks like faults is nothing but interrupts, so a high number shows a busy system.

Faults:
The faults section shows system faults. Faults, in this case, aren't bad, they're just received system traps and interrupts.

in Shows the number of system interrupts (IRQ requests) the system received in the last five seconds.

sy Shows the number of system calls in the last five seconds.

cs Gives the number of context switches, or times the CPU changed from doing one thing to doing another.

the instructions are lacking, you always do the following:
make
then if successfull
make install

Have you looked at these resources?? I'm in the process of connecting a UPS to my firewall and found these resources after searching the forum finding very little. looks like you can achieve your desired configuration by modifying/creating a custom conf file.

https://linux.die.net/man/8/apcupsd

http://www.apcupsd.org/manual/

WIFI cards have 2 different modes: Infrastructure and Ad-Hoc. You want Infrastructure mode and not all drivers support it.

https://docs.opnsense.org/manual/how-tos/interface_wireless_internal.html

FreeBSD supports wireless adapters in access point (infrastructure) mode, but this functionality is limited to some drivers and there may be some, which do not support all options available via the web interface. Please make sure that you buy a wireless card that is supported to avoid these problems.

From my experience I ditched the wifi card out of my FW. Use an external solution to achieve my goal. My biggest roadblock if I remember correctly was I wanted 3+ SSIDs and could only get 2. This is the short list of headaches. If you search the forum you'll probably find most say do it with an external AP.