"Enter persistent carp maintenance mode" does not switch backup to master

[Grossartig]

When I click on "Enter persistent carp maintenance mode" on the master, nothing happens (Master remains master, Backup remains backup).

I have two identical OPNsense boxes (OPNsense 22.1.8_1-amd64) setup in HA with CARP & pfSync (the latter only on LAN). Single WAN behind a managed switch that both OPNsense boxes connect to. WAN MAC are identical on Master & Backup. A gateway group has been set up on both boxes as follows: Master prefers WAN_DHCP (Tier 1) and backup box as gateway as Tier 2. Backup prefers master box as gateway (Tier1) and WAN_DHCP as Tier 2. This is primarily intended to ensure the backup has Internet access through the master in a normal scenario (and vice versa).

The only scenario in which the backup becomes master is when I shut down the master. Then the failover to backup happens automatically and works well.

What can I do to propagate backup to master without having to shut down the master?

[nzkiwi68]

This sounds like a network switching issue.

Some network switches mess up with CARP/VRRP packets and don't process them very well. To work best, both the primary and master firewall should be connected to the same switch (or a stack of switched for redundancy).

[kd.gundermann]

are there any logs on the OPNsense where I can analyze if there are some problems with teh CARP protocol ??