Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
High availability
»
HA not working on hyper-v lab
« previous
next »
Print
Pages: [
1
]
Author
Topic: HA not working on hyper-v lab (Read 1801 times)
olthana
Newbie
Posts: 3
Karma: 0
HA not working on hyper-v lab
«
on:
November 16, 2022, 09:31:59 pm »
Hi,
I'm planning to set a opnsense cluster on two physical machine, before that I want to test the configuration on a lab running on hyper-v.
I made 3 vswitch, one external, and two private (lan and pfsync), mac spoofing is enable on all of them.
I follow this documentation to proceed
https://docs.opnsense.org/manual/how-tos/carp.html
On the attachment you can see my network configuration.
The firewall rules on the WAN interface is :
IPv4 CARP * * * * * *
LAN :
IPv4 CARP * * * * * *
PFsync :
IPv4 * * * * * * *
My issue is when i try the replication between master and backup as per said in the official documentation, it failed and i just have "The backup firewall is not accessible or not configured"
If i reboot the master it will try to contact the backup failed again, nothing is synchronized.
What did I do wrong, what logs can i check to troubleshoot my issue ?
Logged
WaffleIron
Newbie
Posts: 17
Karma: 3
Re: HA not working on hyper-v lab
«
Reply #1 on:
December 28, 2022, 01:54:31 am »
Hi Olthana,
A few questions and comments on your setup as mine is very similar but on ESXi.
First, when you use the term "private switch" I read that to mean the vswitches you created don't have any physical uplinks? Assuming that's true, how do you expect a VM on two different physical boxes to communicate if they have no physical interface to send traffic out?
Second, is there a reason you want to use different vswitches instead of one and just use different vlans for segmentation? If you go this path just remember to create the layer 2 vlan on all the switches connecting the two physical servers together or they still won't be able to communicate.
Third, as the GUI implies HA uses a multicast address to communicate between the two boxes. If you have trouble with multicast working you can change this to unicast (box 1 sets peer to 172.16.0.2...box 2 sets peer to 172.16.0.1). That will fix you for HA but you will probably have the same issue with CARP since it uses multicast as well. Again, not a hyper-v guy so I can't provide much guidance but in the ESXi world you can enable promiscuous mode, mac address changes, and forget transmits to help support non-unicast communication.
Hope this helps.
Last
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
High availability
»
HA not working on hyper-v lab