AWS HA and CARP failing over erroneously
I have 2 pfSense AWS virtual appliances in an HA configuration with one WAN interface and one LAN interface. I have CARP enabled on the WAN interface and the two units can communicate with each other. The CARP works and it fails over to the other unit when I turn the primary unit off and changes back when it is back up. It is moving my elastic IP and route table in this process and it does work.
The issue is that sometimes, randomly, it changes the route table to the secondary instance and it stays pointed at the secondary pfSense instance, causing traffic to not flow to the outside any longer. I seemingly get this error when this happens:
Resource eipalloc-0a117cb1c30***** has been modified by a lower priority master,
troubleshooting of CARP vhid wan@1 may be necessary.
The resource has been restored to the expected state. @ 2024-08-28 15:37:28

The CARP appears to be working with one in master and one in secondary so I'm not sure why it randomly does this. I usually manually change the route table back to reflect the main instance when this happens, but I have rebooted the instance and after a reboot and failing over to the secondary, when the primary comes back up it will take the elastic IP and route table back. I'm not sure why the pfSense randomly changes the route table and then doesn't change it back.
Any help anyone could provide would be appreciated.