Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
High availability
»
Understanding CARP dashboard / strange behaviour
« previous
next »
Print
Pages: [
1
]
Author
Topic: Understanding CARP dashboard / strange behaviour (Read 520 times)
reunion974
Newbie
Posts: 17
Karma: 0
Understanding CARP dashboard / strange behaviour
«
on:
February 03, 2024, 10:08:53 am »
I just installed 2 OPNsense physical servers with HA.
As I have only 2 ethernet ports per server, I use multiple VLANS, including one dedicated to pfsync.
All the configuration seem ok, except some connexion problems when CARP swith to backup.
This morning I received messages from MONIT informing that the CARP backup -> master.
On the OPNSENSE Lobby:dashboard/CARP I heve this for the master :
CARP
WAN@1 MASTER 192.168.42.250
SRV@10 BACKUP 192.168.10.1
IoT@20 BACKUP 192.168.20.1
Management@40 BACKUP 192.168.40.1
GUEST@30 BACKUP 192.168.30.1
And this on the slave:
CARP
WAN@1 BACKUP 192.168.42.250
SRV@10 MASTER 192.168.10.1
IoT@20 MASTER 192.168.20.1
Management@40 MASTER 192.168.40.1
GUEST@30 MASTER 192.168.30.1
So it seems that the master firewall is acting as master on the WAN interface but as backup on the vlans on the LAN side, while the backup firewall is acting as backup on the WAN side but as master on the LAN side.
How is it possible? From what I understood, one physical firewall has to manage filtering rules, routing,... to do so it needs to have hand on both LAN and WAN. The firewall task can not be distributed over 2 physical servers, right?
So if I'm right, I should not have internet connexion, but as I'm writing this post the connexion is up!
Any help or explaination will be more than welcome !!!
Thanks a lot
EDIT: I found 2 other persons describing this issue. Unfortunately no answer.
«
Last Edit: February 03, 2024, 02:02:01 pm by reunion974
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
High availability
»
Understanding CARP dashboard / strange behaviour