Topic: Making Wireguard CARP aware (Read 2101 times)
bubbagump
Making Wireguard CARP aware
« on: January 31, 2023, 09:23:12 pm »
Currently Wireguard has no CARP awareness, meaning a few things:
* Wireguard that is stopped on a firewall that is BACKUP starts after an XMLRPC config sync when the enable flag is set.
* Wireguard starts on a firewall that is BACKUP after a reboot.
This causes issues where two firewalls are connected to the same VPN endpoint and thus have the same tunnel IP. The far end thrashes packets all over as the two tunnels fight for dominance.
There is a good CARP script out there to deal with failover but not the XMLRPC sync issue.
It occurs to me that there should be an option within the WG plugin to make it "CARP aware" OR a change in the default behavior to always be CARP aware similar to DHCP.
My ask here is does a pattern for such a thing exist? Are there other plugins that have such functionality? I'd like to dig into the problem, but I want to use any established patterns if they exist so I don't make a pull request and find "hey dude, do it this way over here as that's how we always do it." I don't think any plugins ARE CARP aware, thus my question and perhaps a new pattern would need to be created. Thanks!
« Last Edit: January 31, 2023, 09:29:35 pm by bubbagump »
bubbagump
Re: Making Wireguard CARP aware
« Reply #1 on: February 01, 2023, 01:26:48 pm »
I'm dumb, mDNS has this same pattern.
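
An added illustration of the gate the thread asks for, not code from the posts, the WireGuard plugin, or the CARP script mentioned above: it reads `ifconfig` output and decides whether a wrapper should let WireGuard run, which covers both the post-sync and post-reboot cases from the first post. The function names, the file name `carp_gate.sh`, the all-vhids-must-be-MASTER policy and the sample `ifconfig` text are assumptions of this example.

```shell
#!/bin/sh
# Added example: CARP gate for a WireGuard start wrapper (not OPNsense code).

# Constructed FreeBSD-style ifconfig samples (addresses are documentation ranges).
SAMPLE_MASTER='vtnet0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    inet 192.0.2.1 netmask 0xffffff00 broadcast 192.0.2.255 vhid 1
    carp: MASTER vhid 1 advbase 1 advskew 0'
SAMPLE_BACKUP='vtnet0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    inet 192.0.2.1 netmask 0xffffff00 broadcast 192.0.2.255 vhid 1
    carp: BACKUP vhid 1 advbase 1 advskew 100'
# Mid-failover: one vhid already MASTER, another still BACKUP.
SAMPLE_MIXED="$SAMPLE_MASTER
vtnet1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    carp: BACKUP vhid 3 advbase 1 advskew 0"

# Print "<vhid> <state>" for every carp line in ifconfig output on stdin.
# Matching on the first field skips "inet ... vhid N" address lines.
carp_states() {
    awk '$1 == "carp:" && $3 == "vhid" { print $4, $2 }'
}

# Print "start" or "stop" for ifconfig output on stdin.
# Policy (assumption of this example): run the tunnel only when every vhid is
# MASTER; BACKUP or INIT on any vhid means the peer node may own the tunnel IP.
# A host with no CARP configured is standalone and may start.
wg_action() {
    states=$(carp_states)
    if [ -z "$states" ]; then
        echo start
    elif printf '%s\n' "$states" | awk '$2 != "MASTER" { bad = 1 } END { exit !bad }'; then
        echo stop
    else
        echo start
    fi
}

# Live use: "sh carp_gate.sh --live" evaluates this host's ifconfig output.
# Call it before starting the service at boot and again after a config sync.
if [ "${1:-}" = "--live" ]; then
    ifconfig | wg_action
fi
```

Treating a mixed state as "stop" keeps the tunnel down until failover has completed on every vhid, so the two nodes never hold the same tunnel IP at once.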