Master not sharing states
-
First I hope this post isn't just more noise… :)
I have a u11 rack in colo. I've got two embedded pfsense boxes running carp/pfsync. The carp side of things it working properly, however I'm pretty sure firewall state information is not being shared.
Do shared states show in the Diagnostics -> States on the slave?
On the slave I have the below. It is NOT on the master tho.
pfsync 192.168.10.2 -> 224.0.0.240 SINGLE:NO_TRAFFICNaturally when the slave takes over all connections are dropped.
Master…
pfsync0: flags=41 <up,running>mtu 2020 pfsync: syncdev: lo0 syncpeer: 224.0.0.240 maxupd: 128</up,running>Slave…
pfsync0: flags=41 <up,running>mtu 1348 pfsync: syncdev: sis6 syncpeer: 224.0.0.240 maxupd: 128</up,running>Surely these should both be sis6?
Anyone with ideas? This smells like a bug to me…
TIA
-
You should have the same states on both boxes. The webgui can be a little out sometimes as it catches up (it refreshes slower than pf sync)
Check the "Synchronize Interface" selection on your master it looks like it is using the loopback device lo0. This should be on a real interface normally the one you have cross wired to the slave.
-
Checked and triple checked. It's configured just like like the flash guide. I'm using soekris boards and I don't they they are powerful enough, I thought I could 'get away' with low traffic for a while. Not sure if that could create a problem too.
-
I think the soekris boards should be ok.
even if they were too weak it shouldn't stop it being setup right it just might not work properly.
Check and resave the carp config on the master.
Check the masters interface assignments especially the CARP sync link.
Check the subnet masks on both nodes for the CARP sync linkIf it still won't go post a screen shot of the carp setup for both boxes and the sync interfaces