Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
High availability
»
CARP split brian issues
« previous
next »
Print
Pages: [
1
]
Author
Topic: CARP split brian issues (Read 3750 times)
raghunath.nagepalli
Newbie
Posts: 1
Karma: 0
CARP split brian issues
«
on:
September 15, 2022, 08:51:38 pm »
Hello Experts,
I'm from Nutanix, and we are using OPNsense for one of the VPCs (internal to Nutanix, not AWS). We are observing that at certain intervals, the status of WAN and LAN CARP interfaces splits from Master in one Firewall and backup in another.
Expected behavior: Both the interfaces should always be in Master status in Primary Firewall
Ongoing behavior: Abruptly demotes the status from Master to Backup
Does anyone know what could be the reason and tips to solve to solve this issue? Is this related to version (version being used - OPNsense 22.7.4-amd64)?
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: CARP split brian issues
«
Reply #1 on:
September 16, 2022, 08:45:16 am »
Screenshots of HA settings of both FWs and logs please
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
rainerle
Full Member
Posts: 151
Karma: 9
Re: CARP split brian issues
«
Reply #2 on:
October 14, 2022, 02:42:31 pm »
Are you using LAGG network devices in your setup? Just don't.
Cabeling proposal:
Logged
Patrick M. Hausen
Hero Member
Posts: 6812
Karma: 572
Re: CARP split brian issues
«
Reply #3 on:
October 14, 2022, 06:02:43 pm »
@rainerle - why?
My main systems use lagg to connect to the layer 2 infrastructure and VLANs for all interfaces. No issues with CARP whatsoever. Only the HA sync interface is just a direct cable.
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
rainerle
Full Member
Posts: 151
Karma: 9
Re: CARP split brian issues
«
Reply #4 on:
October 24, 2022, 09:31:56 am »
@pmhausen
So you have one leg of the LAGG to one switch and another leg to the other switch.
Check what happens when you reboot one switch - I had only problems...
https://forum.opnsense.org/index.php?topic=14374.0
Logged
Patrick M. Hausen
Hero Member
Posts: 6812
Karma: 572
Re: CARP split brian issues
«
Reply #5 on:
October 24, 2022, 12:09:52 pm »
The switches need to esplicitly support multi chassis LACP. The feature is also called "stacking".
If they don't, that would explain the problems you observe.
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
rainerle
Full Member
Posts: 151
Karma: 9
Re: CARP split brian issues
«
Reply #6 on:
October 31, 2022, 11:25:37 am »
I do expect our Huawei CE6810-32T16S4Q-LI switches to support stacking. At least the documentation says so...
https://support.huawei.com/enterprise/en/doc/EDOC1100137947/4154cda5/stacked-device-and-version-requirements
Logged
nzkiwi68
Full Member
Posts: 182
Karma: 20
Re: CARP split brian issues
«
Reply #7 on:
November 20, 2022, 09:12:57 pm »
I would slow down your CARP messages. The stacking might be working, but, occasionally be a "bit too slow".
Set on each of the CARP virtual IPs base 2 or 3. That is slowing down the CARP to 2 or 3 seconds and see if you then get stability.
Interfaces: Virtual IPs: Settings
Advertising Frequency - Base
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
High availability
»
CARP split brian issues