Sync interfaces changes in OPNSense HA

Started by mmaridev, September 24, 2020, 05:46:37 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 24, 2020, 05:46:37 PM
Hi,

we were trying to setup HA in OPNSense but encountered the following issue: when we add a new interface to the master (e.g. a VLAN), which occurs often, the same interface isn't created in the slave. Therefore,
1. the slave can't handle the new interface if necessary;
2. if you create a new interface in the slave in an ordred that is not congruent with the master (opt3 -> opt2) you'll get many troubles.

Any way this can be fixed? Top would be that when we create a new VLAN in the master this is created in the slave too.

Thanks,
Marco
September 24, 2020, 05:49:28 PM #1
You have to create them in the correct order in both, no other chance
September 28, 2020, 06:22:01 PM #2
May we convert this into a feature request?
September 29, 2020, 06:02:33 AM #3
I rather think this is a documentation issue
September 29, 2020, 01:37:53 PM #4
Yeah. It seems kinda self explanatory that the firewalls interfaces need to be configured the same in order to be a HA-pair.
2x 23.7 VMs & CARP, 4x 2.1GHz, 8GB
Cisco L3 switch, ESXi, VDS, vmxnet3
DoT, Chrony, HAProxy + NAXSI, Suricata
VPN: IPSec, OpenVPN, Wireguard
MultiWAN: Fiber 500/500Mbit dual stack + 4G failover

--
Available for private support.
Did my answer help you? Feel free to click [applaud] to the left
September 29, 2020, 03:34:43 PM #5
October 07, 2020, 02:41:46 PM #6
Okay thanks but this would be anyway a cool feature though. Maybe just for the "virtual" interfaces? Some proprietary firewall has this feature.
Print
Go Up Pages1
User actions