Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    2.4 HA cluster broken

    Scheduled Pinned Locked Moved 2.4 Development Snapshots
    6 Posts 3 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mist1
      last edited by

      Hello,
      I'm trying to test the configuration of the HA cluster.
      After HA configuration on master and backup server, the configuration  settings (VIP, rules etc) to the backup server is not synchronized. State table transfer good.
      Run on master /etc/rc.filter_synchronize
      Log on master

      Time	Process	PID	Message
Nov 2 09:23:14	php-cgi		rc.filter_synchronize: XMLRPC reload data success with http://192.168.201.2:80/xmlrpc.php (pfsense.filter_configure).
Nov 2 09:23:11	php-cgi		rc.filter_synchronize: Beginning XMLRPC sync data to http://192.168.201.2:80/xmlrpc.php.
Nov 2 09:23:11	php-cgi		rc.filter_synchronize: XMLRPC reload data success with http://192.168.201.2:80/xmlrpc.php (pfsense.restore_config_section).
Nov 2 09:23:11	php-cgi		rc.filter_synchronize: Beginning XMLRPC sync data to http://192.168.201.2:80/xmlrpc.php.
Nov 2 09:23:11	php-cgi		rc.filter_synchronize: XMLRPC versioncheck:15.6 -- 15.6
Nov 2 09:23:11	php-cgi		rc.filter_synchronize: XMLRPC reload data success with http://192.168.201.2:80/xmlrpc.php (pfsense.host_firmware_version).
Nov 2 09:23:10	php-cgi		rc.filter_synchronize: Beginning XMLRPC sync data to http://192.168.201.2:80/xmlrpc.php.

      Log on backup

      Nov 2 09:23:11	php-fpm	71579	/xmlrpc.php: Disallowing CARP sync loop
      1 Reply Last reply Reply Quote 0
      • P
        PiBa
        last edited by

        Made sure that on the backup machine the XMLRPC sync ip is left empty?

        1 Reply Last reply Reply Quote 0
        • M
          mist1
          last edited by

          Yes, xmlrpc settings is empty on backup of course.
          From my point of view maybe something is wrong in the logic at xmlrpc.php after commit
          https://github.com/pfsense/pfsense/commit/f81e7cc404bc3ede065c8c6315fdb5d26b2cfc5b

          public function __construct() {
		global $config;
		$this->remote_addr = $_SERVER['REMOTE_ADDR'];
		/* grab sync to ip if enabled */
		if (isset($config['hasync']['synchronizetoip']) &&
		    $config['hasync']['synchronizetoip'] == $remote_addr) {
			$this->loop_detected = true;
		}
	}

          If i change this part to "force false" on a backup server xmlrpc sync work as expected

          1 Reply Last reply Reply Quote 0
          • P
            PiBa
            last edited by

            Ah good find, broken indeed..

            It sets "$this->remote_addr" but reads "$remote_addr" which would be empty.. Not exactly sure why the 'empty==empty' check allowed me to properly sync before though.. After setting the syncip on the backup and removing it again it now complains like you report.. Fix send: https://github.com/pfsense/pfsense/pull/3215

            1 Reply Last reply Reply Quote 0
            • M
              mist1
              last edited by

              Thanks, i understood and i can check this on monday.

              Ok, checked. Loop detection fixed. Wait until the PR will be commit.

              1 Reply Last reply Reply Quote 0
              • jimpJ
                jimp Rebel Alliance Developer Netgate
                last edited by

                I tested and merged the PR, next snaps should have it.

                Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                Need help fast? Netgate Global Support!

                Do not Chat/PM for help!

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.