SYNC configuration only
-
Is there way, something like Unifi Shadow mode - that I will have tw Netgates and will not use full HA with CARP, but secondary Netgate will receive all changes done on Primary one? In case of failure, disocnnect it will switch to secondary with all IPs from Primary one? I want something like that. Thanks for advice.
-
@GeorgeCZ58 Haven’t tried it, but I use small parts of the Sync features (both pfsync, and XML sync in packages) in some odd cases that has nothing HA/CARP related in their setup.
I would assume it can work without issues IF you setup a specific interface for Sync’ing on both. That would be needed because the “backup” firewall would need to have all its other interfaces disconnected due to the identical IP config of the primary.
-
The idea seems OK, to have sync just for configuration. Is there anyone from Netgate to tell - yes you can use it like this? This "active-passive" solution is definetely what I am looking for.
-
Yes you can setup config sync only. However somethings are automatically converted for use on the secondary during the sync. Mostly the CARP VIPs which you wouldn't be using but also notably the DHCP server config. If you use Kea that wouldn't be an issue in 24.03 and in 24.08 you can disable it.
