Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
High availability
»
opnsenseBE (OPNsense 24.10_7) still sending Multicast while all VIPs are Unicast
« previous
next »
Print
Pages: [
1
]
Author
Topic: opnsenseBE (OPNsense 24.10_7) still sending Multicast while all VIPs are Unicast (Read 452 times)
itngo
Full Member
Posts: 124
Karma: 4
opnsenseBE (OPNsense 24.10_7) still sending Multicast while all VIPs are Unicast
«
on:
October 25, 2024, 07:23:20 am »
Hi,
we have a pair of Deciso-Appliances here running in HA-Setup for about 12 VLANs. All are configured for CARP/VIP in Unicast-Mode and have the configured the IP of the Slave for direct CARP.
However, when we do a traffic capture, we can still see that one last interface continues to send VRRP Announments to 224.0.0.18. This should not happen in Unicast mode right?
Code:
[Select]
1
0.000000
192.168.201.3
224.0.0.18
VRRP
70
Announcement (v2)
Logged
blacknote
Newbie
Posts: 7
Karma: 0
Re: opnsenseBE (OPNsense 24.10_7) still sending Multicast while all VIPs are Unicast
«
Reply #1 on:
November 14, 2024, 03:31:13 pm »
Hi,
From me, it means that your carp hasnt syncrhonized in unicast.
did you add the ACL to permit the trafic?
i dit sthg like this /maybe there is sthg easier:
create alias with all IP from master / create alias with all IP from SLAVE
floating ACL
any interface concerned
acl from master alias to slave alias
acl from slave alias to master alias
Logged
spetrillo
Hero Member
Posts: 723
Karma: 8
Re: opnsenseBE (OPNsense 24.10_7) still sending Multicast while all VIPs are Unicast
«
Reply #2 on:
November 14, 2024, 06:36:40 pm »
Whoa...wait a sec....are you saying the HA is now supporting unicast packets? I thought this was not coming until 2025 with a new version of FreeBSD? Did I get that wrong?
I wanted to deploy HA virtual firewalls for a client, but my cloud provider does not support multicast in their multi-tenant cloud and I was told that unicast support is a 2025 item on the roadmap. Please tell me I got this all wrong.
Logged
franco
Administrator
Hero Member
Posts: 17808
Karma: 1631
Re: opnsenseBE (OPNsense 24.10_7) still sending Multicast while all VIPs are Unicast
«
Reply #3 on:
November 14, 2024, 07:53:39 pm »
24.7 and thus 24.10 have unicast CARP, yep.
https://github.com/opnsense/docs/commit/7e827e003793
See the "Peer" settings for th Virtual IP CARP addresses.
Cheers,
Franco
Logged
spetrillo
Hero Member
Posts: 723
Karma: 8
Re: opnsenseBE (OPNsense 24.10_7) still sending Multicast while all VIPs are Unicast
«
Reply #4 on:
November 14, 2024, 07:59:20 pm »
OMG this is fantastic!! I am going to begin testing in my client's cloud environment.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
High availability
»
opnsenseBE (OPNsense 24.10_7) still sending Multicast while all VIPs are Unicast