Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
High availability
»
States not synchronizing, backup node insists on master for one CARP address
« previous
next »
Print
Pages: [
1
]
Author
Topic: States not synchronizing, backup node insists on master for one CARP address (Read 562 times)
RenegadeTech
Newbie
Posts: 3
Karma: 0
States not synchronizing, backup node insists on master for one CARP address
«
on:
July 23, 2024, 11:41:41 pm »
Hello everyone.
I have a couple of problems with my HA setup I'm hoping you can help me with. I have two nodes, each with em0 as the WAN, lagg0 as the LAN (em1 and bce0 bonded using LACP layer 3+4 with the switch's involvement,) and bce1 as the SYNC. All interfaces and connected switch set to MTU of 9000 except em0/WAN which is 1500.
1) States are not synchronizing between the two nodes. Of note, I only see one node ("this node" checked) under Interfaces: Virtual IPs: Status: pfSync nodes on each. How can I get the other to appear on both? The SYNC interfaces are directly connected between the two hosts with a Cat6 cable. Static IPs defined on both, links are up and I can ping each host on that interface from the other. Each node has the other's IP defined in System: HA: Synchronize Peer IP and the correct password. Synchronize States is checked on both. (Configuration synchronizes fine from master -> backup.)
2) My non-active node insists on being Master for the IPv6 CARP address even though the other node is also master on it. It won't let it go even if I enable persistent CARP maintenance mode either! This causes issues with IPv6 traffic I can only resolve by disabling the WAN interface completely on that non-active node. (Or shutting it down of course.) This may also cause routing problems since frr remains active on both nodes instead of disabling on the non-active one. (I'm not yet using BGP but will very soon.)
If it matters, I have two interface IP blocks defined on the WAN interfaces. One directly on the interface and another virtual IP on each node. (I have two upstream circuits each with their own interface IP block connected to the switch with these WAN ports.) I added a gateway for each IP block as well. I think problem #2 started once I added the second Virtual IP on the backup node. Problem #1 has been there since I started using OpnSense years ago. (pfSense from which I came had zero issues synchronizing states.)
Let me know if you need any more information. Thank you for any help you can provide!
«
Last Edit: July 23, 2024, 11:50:07 pm by RenegadeTech
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
High availability
»
States not synchronizing, backup node insists on master for one CARP address