Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
High availability
»
CARP group tracking
« previous
next »
Print
Pages: [
1
]
Author
Topic: CARP group tracking (Read 5407 times)
pmladenov
Newbie
Posts: 37
Karma: 1
CARP group tracking
«
on:
December 04, 2020, 02:23:43 pm »
Hello,
I have 2 opnsense firewalls in HA with 2 different CARP groups - one for the LAN and one for the WAN.
I would like to implement a little bit more complex failover logic - instead of relying on physical interface down event, the idea is to use a script pinging several WAN IPs and in case all are down to demote active CARP LAN group.
Based on
https://docs.opnsense.org/development/backend/carp.html
document - I've created a shell script returning 0 in case all is good and 1 in case it needs to demote.
The script is executable and located in /usr/local/etc/rc.carp_service_status.d/
The question I have is how, when and by whom that script is being executed?
Regards,
Plamen
Logged
AdSchellevis
Administrator
Hero Member
Posts: 907
Karma: 184
Re: CARP group tracking
«
Reply #1 on:
December 04, 2020, 05:49:34 pm »
Hi Plamen,
It's in the note here
https://docs.opnsense.org/development/backend/carp.html#trigger-event
The service involved should fire it's own events using the hook subscribed, this is for example how FRR subscribes to messages using syslog-ng
https://github.com/opnsense/plugins/blob/ad3c3e745ad9768b764ed35617cbfa20a41921dd/net/frr/src/opnsense/service/templates/OPNsense/Quagga/syslog-ng-frr-events.conf#L5
Best regards,
Ad
Logged
pmladenov
Newbie
Posts: 37
Karma: 1
Re: CARP group tracking
«
Reply #2 on:
December 07, 2020, 06:31:45 pm »
Thanks,
It's a little bit more clear for me now. I have few assumptions now that I would like to verify. So in FRR example - in case of syslog-ng matches the specific syslog message then syslog-ng executes "/usr/local/sbin/configctl -e -t 0.5 interface update carp service_status" which runs ALL scripts in "/usr/local/etc/rc.carp_service_status.d/" ?
If above logic is correct - what happens if some of the executed scripts return 0 and other return 1 (for example)?
Regards,
Plamen
Logged
AdSchellevis
Administrator
Hero Member
Posts: 907
Karma: 184
Re: CARP group tracking
«
Reply #3 on:
December 07, 2020, 06:36:11 pm »
Hi Plamen,
Best read
https://github.com/opnsense/core/blob/master/src/sbin/carp_service_status
(which calculates and sets demotion)
Best regards,
Ad
Logged
pmladenov
Newbie
Posts: 37
Karma: 1
Re: CARP group tracking
«
Reply #4 on:
December 07, 2020, 07:45:36 pm »
Thanks Ad,
That addressed all my questions/assumption.
Regards,
Plamen
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
High availability
»
CARP group tracking