Update HA pair

Started by yomeyo, November 15, 2016, 04:44:53 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
November 15, 2016, 04:44:53 PM Last Edit: November 15, 2016, 04:55:12 PM by yomeyo
Hi,

I currently run 2 OPNsense 16.7.0 instances in active/standby using CARP and pfSync. There are updates available. Is there any best practices method available for updating a HA setup of OPNsense?
January 18, 2017, 02:15:18 PM #1
Does anyone have experience with this? Thanks.
January 18, 2017, 02:57:26 PM #2
Hi, Im sorry I bother you, but as you are more advanced than I into HA using OPNSENSE 16.7, Im having some issues to making works HA, because I do it like the documentation and it doesnt work fine, apparently it synchronize well but secundary firewall saw Virtual IP via another interface, even it have conectivity between all interfaces inter firewall. If you could give the configuration you use or a guide I will be very gracefull.

Thanks for you help   
January 18, 2017, 07:13:55 PM #3
Active/passive cluster patching follows a common set of steps:

1. Negotiate a short downtime with your users
2. Patch your passive node
3. Fail over the cluster
4. Fail back if any issues
5. Patch the remaining node

Be wary of version anxiety; make sure the updates fix issues or vulnerabilities that apply to you.

Bart...
January 20, 2017, 04:10:22 PM #4
Hi Bart, thanks for the reply. Do you know how to failover to the other device other than unplugging or shutting down the active node?

Thanks.
January 21, 2017, 03:48:44 PM #5
Those are the recommended actions for fail-over. Unplugging the LAN is quicker to revert than shutting down but harder to do remotely ;-)

Bart...
January 23, 2017, 09:44:15 AM #6
Yes, but how to update if the LAN is unplugged? If I replug the LAN it will switch back to being the active node.
Print
Go Up Pages1
User actions