I am not sure this is related but it is weird/bad...I got around to setting the skew back to 0 for all CARP IPs on router1. pfSense (2.2.1) syncs the change to router2 so those skews change from 101 to 100. However afterwards router1 shows all five as Status of Master, and router2 shows all five with a blank Status. I must edit each of the five, save (without making changes) and only once changes are Applied the Status shows as Backup. That sounds like a configuration sync bug? I did see this when setting the skew from 0 to 1 earlier today and passed it off as I was clicking around a lot, but it seems to be repeatable.
-- Steve Steve Yates wrote on Mon, Mar 23 2015 at 2:50 pm: > Just ran into an odd scenario in my testbed...if pfSense (router1) is in a VM > (Parallels Cloud/Virtuozzo), and I run "service network restart" on the host > for > that VM, pfSense fails over the WAN interface but does not fail over the LAN > interface. At that point external communication is lost because one router is > handling LAN and one WAN. It does not seem to recover afterwards until the > host is restarted (we're also using VLANs on the host level for the pfSense VM > to use for its interfaces, so that may be a factor in having the host > restart). > > Per http://www.freebsd.org/cgi/man.cgi?query=carp&sektion=4, if > net.inet.carp.preempt=1 then the CARP interfaces should fail over together. > Running "sysctl net.inet.carp" on pfSense shows net.inet.carp.preempt=1. If I > reload the CARP status page on router2 quickly, I can see that the WAN and > LAN interfaces correctly fail over so router2 is Master, however it almost > immediately reverts so router2 is Master for WAN but router2 is Backup for > LAN, and router1 is Master for LAN. > > How can I ensure they "fail back" together? > > Note that when I simply boot the host for router1, pfSense does fail over and > back correctly! So something is making it not fail back on the network > restart? > > For what it's worth we have a IPv4 and IPv6 CARP IPs for WAN, and an IPv4, an > IPv4 alias, and IPv6 CARP IP for LAN. > > I found an OpenBSD (which I know is different OS, but...) FAQ page on CARP > that says "By default all carp(4) interfaces are added to the carp group." > However if I run "ifconfig -v" on pfSense no groups are listed for em0 and > em1, > only lo0, enc0, and ovpns1. I created a pfSense interface group "carpgroup" > for > LAN and WAN, but had the same symptoms. _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
