Little Confused

[viper359]

I am looking to do a HA setup
Master will be a Proxmox VM
Secondary will be a physical Sophos XG450 appliance

Do I understand right, because the interfaces on each machine will probably be named different,
high availability wont work?

[Patrick M. Hausen]

You can create a lagg interface with a single member from each physical or virtual port forcing the names to be identical.

[Seimus]

Or just rename them on Proxmox (rename the virtual NIC attached to the VM).

But your understanding is correct. In order to sync properly it has to have same naming conventions.

Regards,
S.

[falken]

You can force the interface name by using device hints.

Edit device.hints from the shell and edit (or create) the file /boot/device.hints
Add entries to bind the MAC address to a specific device name.
Example: To make a specific Intel card (igb0) always be lan0:
hint.igb.0.mac="00:11:22:33:44:55"
hint.igb.0.name="lan0"

This will keep the interface names identical between your boxes.

[Patrick M. Hausen]

Code Select Expand

hint.igb.0.mac="00:11:22:33:44:55"
hint.igb.0.name="lan0"


Wow! TIL. Thanks!

[Seimus]

You can force the interface name by using device hints.

Edit device.hints from the shell and edit (or create) the file /boot/device.hints
Add entries to bind the MAC address to a specific device name.
Example: To make a specific Intel card (igb0) always be lan0:
hint.igb.0.mac="00:11:22:33:44:55"
hint.igb.0.name="lan0"

This will keep the interface names identical between your boxes.

ooookay this is sick. Thanks for the tip!

I know the answer, but.... Why This is not a thing directly in the GUI? :)

Regards,
S.

[falken]

You can force the interface name by using device hints.

Edit device.hints from the shell and edit (or create) the file /boot/device.hints
Add entries to bind the MAC address to a specific device name.
Example: To make a specific Intel card (igb0) always be lan0:
hint.igb.0.mac="00:11:22:33:44:55"
hint.igb.0.name="lan0"

This will keep the interface names identical between your boxes.

ooookay this is sick. Thanks for the tip!

I know the answer, but.... Why This is not a thing directly in the GUI? :)

Regards,
S.

I just realize you should be able to add these from the Tunables section of the GUI as well as new entries, which would probably be a better idea here anyway. :)

[meyergru]

While this is a nice trick, would it not cause problems when the configuration gets synchronized?

[Patrick M. Hausen]

Let's picture one system with an interface named igb0 and one with vtnet0.

Set these tunables on both systems:

Code Select Expand

hint.igb.0.mac="00:11:22:33:44:55"
hint.vtnet.0.mac="00:22:33:44:55:66"
hint.igb.0.name="lan0"
hint.vtnet.0.name="lan0"

Now think about what happens on each system where only one of the interfaces exists - exactly the desired outcome!

This assumes that the mac/name hint construct is supported for all interface drivers, which I currently don't know.

[meyergru]

That is what I meant: Sure, it causes no immediate conflicts, iff the MACs are different. However, you must set the aliases on both sides in advance, not just one. Otherwise, a fail-over would null the existing settings.

[Patrick M. Hausen]

A failover does not sync tunables but an XMLRPC config sync does, if tunables are included in the configuration.

But of course every HA setup requires careful consideration and planning.