[SOLVED] Problem with VIP CARP MASTER redundancy

Started by johjoh, March 13, 2018, 03:24:27 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
March 13, 2018, 03:24:27 PM Last Edit: April 27, 2018, 04:10:56 PM by johjoh
Hello, I have two firewall with CARP VIP configured like the attached images.
On fw1 all IP are Master.
On fw2 3 IPs remain Master this 3 IPs simultaneously and I don't understand why?
If on fw1 I enter in CARP Maintenance Mode the fw2 becomes the Master on all IPs correctly.

Any help appreciated
March 27, 2018, 09:07:36 AM #1 Last Edit: April 27, 2018, 04:07:47 PM by johjoh
Anyone can help me?
March 27, 2018, 10:17:57 PM #2
Are you running OPNsense under VMware? If so, you may find this post helpful.
March 28, 2018, 01:19:04 PM #3 Last Edit: April 27, 2018, 04:07:37 PM by johjoh
No, two identical hardware with OPNsense installed bare metal
March 29, 2018, 02:19:15 PM #4
hi johjoh,
sadly I cannot help, but I see the same behaviour in my setup. I am in the early stages -non-production- and followed the CARP setup guide closely. Still I often see "Master" on both nodes. Some manual intervention from the GUI fixes that, but this is not the way I would expect.
regards martin
March 29, 2018, 06:17:07 PM #5 Last Edit: April 27, 2018, 04:07:28 PM by johjoh
The other problem is that the connection speed slow down because both want to be the master.
Problem with OpenVPN, both reply on WAN.
If you shutdown, for example, the backup firewall, the connection speed drastically increase.
April 27, 2018, 04:10:38 PM #6
The problem was the switch installed on WAN
Extreme Network X430
https://www.extremenetworks.com/product/x430-series/

Changed with another and the problem was gone, I think is IGMP Snooping problem like this post
https://doc.pfsense.org/index.php/CARP_Configuration_Troubleshooting#Switch.2FLayer_2_Issues
Print
Go Up Pages1
User actions