LAGG + CARP VIP results in both machines in 'backup' state
-
I have 2x PFSense boxes, each with an OPT1 LAGG interface comprised of 3 nics
When configuring a CARP VIP both PFSense machines fall to "backup" . If I chose an interface that is just a single physical interface (no LAGG) everything works fine.
Does PFSENSE support what I'm trying to do? If so what am I doing wrong?
-
That works fine, but it may be your switch isn't doing something right. If both are backup they must both be seeing a bunch of carp advertisements, so perhaps traffic is looping among the lagg interfaces.
I'd focus on the switches and the lagg modes involved.
-
The CARP has its own dedicated interface - are you saying there are CARP announcements on the VIP interface (OPT) as well? Really bad diagram below:
PFSENSE 1 PFSENSE 2
lan interface <- - carp - -> lan interface(OPT1) LAGG0 (OPT1) LAGG0
\ /
\ /
–CARP VIP-- -
The sync interface is its own interface, that is not a "carp" interface. Nothing for CARP happens on the sync interface; That is for pfsync (state sync) and xmlrpc (config sync). CARP heartbeats are sent on each interface that has a CARP VIP.
-
Got it - thanks for clarifying. Will check out the switches
-
The sync interface is its own interface, that is not a "carp" interface. Nothing for CARP happens on the sync interface; That is for pfsync (state sync) and xmlrpc (config sync). CARP heartbeats are sent on each interface that has a CARP VIP.
Just checking back in - Using a Juniper (ex2200-48t-4g) Switch we created a LACP group in "active" mode and set the PFSENSE LAGG interface to type "LACP" and the CARP is working perfectly.
Thanks for the quick response! ;D
