HA XMLRPC sync appears to “merge” but does not actually write changes on the Backup
-
pfSense Plus in HA (Primary ⇄ Backup) with XMLRPC config sync enabled. pfBlockerNG present. Sync logs show normal activity on the Backup node.
XMLRPC sync runs and claims sections were merged, but the Backup’s config.xml content does not change (only the <revision> timestamp updates), I have checked this with config history. New rules/sections do not appear on the Backup at all, same for aliases.
After editing on the Primary (e.g., adding a simple LAN rule with a unique description), the same object should be present in the Backup GUI and in /cf/conf/config.xml. This isn’t working now, and I’m not sure when it broke—maybe on a 25.11 snapshots, or even earlier.
-
Can you reproduce that starting with a minimal config? It's hard to say what could be happening without reproducible steps. It works in my testing.
-
@w0w in pfB the sync happens on a force reload only. Theres a one line fix to have it happen at cron intervals…see this thread:
https://forum.netgate.com/topic/179060/pfblockerng-sync-not-working/50(The line number has changed over time)
