Suricata causes HA Carp VIP failover

Started by karaman, December 23, 2020, 12:58:23 PM

I was trying to find out why every day I get a CARP failover and finally figured out that it happens right after Suricata rules are downloaded and Suricata (Promiscuous-Mode) is restarted (the stop part of it specifically, I think). The firewalls fail over to the secondary and then not back again. This happens on the two OPNsense 20.7.7_1-amd64 cluster systems that I have installed on hardware platforms (Dell).

Suricata is in IPS Mode