Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
WAN VIP failover to secondary during DHCP renewal
« previous
next »
Print
Pages: [
1
]
Author
Topic: WAN VIP failover to secondary during DHCP renewal (Read 1414 times)
Styx13
Newbie
Posts: 39
Karma: 6
WAN VIP failover to secondary during DHCP renewal
«
on:
April 07, 2022, 05:09:07 pm »
Hello,
Since OPNsense 22.1.3 or 22.1.4 (I updated directly from 22.1.2 to 22.1.4), I have a strange behavior regarding CARP failover and my WAN interface DHCP renewal.
My OPNSense HA setup consist in 2 OPNsense instances on 2 different systems which are both connected to the same router for their WAN interface.
The router assigns each OPNsense an IP via DHCP and renews it every 24 hours (the DHCP configs is "static" in the sense that the MAC address of each OPNsense is assigned an IP in the DHCP server of the router - but from OPNSense point of view, it's DHCP served).
This has been working like that for years and no issues.
But lately (after the update from 22.1.2 to 22.1.4), every time the WAN DHCP address renews on my primary node, CARP would failover the WAN VIP to the secondary node (and just the WAN VIP, the other VIPs for my other VLANs all stay on the primary) and it stays like that, it never fails back to the primary.
While in that state (WAN VIP on secondary and all other VIPS on primary), several things are not working properly including some VPN connections I have and overall I notice some weird/slow DNS resolution and other slowness.
The only way I found to put back the WAN VIP on the primary is to go on both the primary and secondary, disable carp and re-enable it (sometimes I need to set carp persistent mode on secondary to force it back to primary).
Before 22.1.3, I never observed this behavior (and if it happened, it was probably very short and failed back right away so I never noticed it ?)
I noticed in the release notes of 22.1.3 the follow changes:
- interfaces: do not update VIPs on dynamic address changes
- interfaces: remove unused reference and return value from interface_carp_configure()
- dhcp: stream-read log and leases files for “dhcpd update prefixes” action
- ports: dpinger 3.2 [3]
Could any of those changes be related to the behavior I am seeing ?
Thank you.
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: WAN VIP failover to secondary during DHCP renewal
«
Reply #1 on:
April 07, 2022, 05:35:56 pm »
Hi,
Could be
https://github.com/opnsense/core/issues/5646
-- can you try the patch?
# opnsense-patch 57097e2
The patch is scheduled for 22.1.6 since no other reports so far, otherwise it would have made 22.1.5.
Cheers,
Franco
Logged
Styx13
Newbie
Posts: 39
Karma: 6
Re: WAN VIP failover to secondary during DHCP renewal
«
Reply #2 on:
April 08, 2022, 12:51:29 am »
I applied the patch and will let you know if the issue still occurs.
Logged
Styx13
Newbie
Posts: 39
Karma: 6
Re: WAN VIP failover to secondary during DHCP renewal
«
Reply #3 on:
April 13, 2022, 05:46:29 am »
@franco
Just wanted to report that ever since I applied this patch, the issue did not happen anymore.
So I believe you are correct, it is related to
https://github.com/opnsense/core/issues/5646
Thank you !
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: WAN VIP failover to secondary during DHCP renewal
«
Reply #4 on:
April 13, 2022, 09:22:01 am »
Nice, thanks, good news is it will be included in today's 22.1.6.
Cheers,
Franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
WAN VIP failover to secondary during DHCP renewal