151
17.1 Legacy Series / Re: carp/pfsync but connections interrupted
« on: June 23, 2017, 09:11:38 am »
Hi Andreas,
i'm also experiencing various CARP problerms from splitbrains to interface flapping and so on.
I quite new to OPNsense (since january) and I'm running a CARP cluster on 17.1.1 which seems to wok like expected.
A few days ago some new firewalls for another subsidiary came and I upgraded them to 17.1.8 and now I'm experiencing total confusing behaviour, although the config of the newer cluster is almost the same like on the prod one.
I'm bonding two interfaces to LAGG0 and configured VLANs on LAGG0. The VIPs are VLAN-IPs too.
LAGG0
---------------------------------------
- VLAN 10 --> V-IP ...10.1
- VLAN 20 --> V-IP ...20.1
- VLAN 30 --> V-IP ...30.1
The newer Cluster works as long as I'm only provoking failovers on WAN side. As soon as I shut down the LAGG that holds the VLANs my setup split brains. When I set BACKUP to maintenance it releases its V-IPs and MASTER becomes the master over all again, but its behaviour is quite laggy.
I haven't testet provoking a failover on the LAGG on our production system, since this won't be a good idea within the business hours, but I will do so on satyrday. At the moment i expect, no, I hope, that this behaviour is only related to 17.1.8 and not to 17.1.1 and hopefully a bug in the newer release, since the release notes mention that some work on CARP has be done.
Do you have similar experience ?
Do you also use a LAGG and VLANs ?
Best regards,
Wayne
i'm also experiencing various CARP problerms from splitbrains to interface flapping and so on.
I quite new to OPNsense (since january) and I'm running a CARP cluster on 17.1.1 which seems to wok like expected.
A few days ago some new firewalls for another subsidiary came and I upgraded them to 17.1.8 and now I'm experiencing total confusing behaviour, although the config of the newer cluster is almost the same like on the prod one.
I'm bonding two interfaces to LAGG0 and configured VLANs on LAGG0. The VIPs are VLAN-IPs too.
LAGG0
---------------------------------------
- VLAN 10 --> V-IP ...10.1
- VLAN 20 --> V-IP ...20.1
- VLAN 30 --> V-IP ...30.1
The newer Cluster works as long as I'm only provoking failovers on WAN side. As soon as I shut down the LAGG that holds the VLANs my setup split brains. When I set BACKUP to maintenance it releases its V-IPs and MASTER becomes the master over all again, but its behaviour is quite laggy.
I haven't testet provoking a failover on the LAGG on our production system, since this won't be a good idea within the business hours, but I will do so on satyrday. At the moment i expect, no, I hope, that this behaviour is only related to 17.1.8 and not to 17.1.1 and hopefully a bug in the newer release, since the release notes mention that some work on CARP has be done.
Do you have similar experience ?
Do you also use a LAGG and VLANs ?
Best regards,
Wayne