NTP - Backup CARP Unreach/Pending



  • Greetings,

    I'm hoping this is simple and I'm just missing something simple.

    I have pfSense 2.2.6 set up in a CARP config with the NTP service for my LAN only. I'm noticing that my backup is not updating; Unreach/Pending.

    Interface(s)
    DMZ (LAN)
    xxx.xxx.xxx.xxx (DMZ_CARP)

    Time Servers
    0.pfsense.pool.ntp.org
    1.pfsense.pool.ntp.org
    2.pfsense.pool.ntp.org
    3.pfsense.pool.ntp.org

    My second physical site has the same setup and it's working fine.

    The only way I can get it to work is if I bind it to the WAN interface, but I have no desire to open that can of worms.

    Any assistance is appreciated and thank you ahead of time.



  • Well, for the heck of it (not sure why I didn't do this prior to my post) I whiteboarded the NTP flow and realized a fundamental point: the backup won't receive the reply through CARP.

    I added an OUTBOUND NAT rule to focus NTP traffic to go out through the WAN ADDRESS.  After a restart of the service, it appears to be working correctly.
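
The reply path described in the post above, modelled as an added example (not code from the thread or from pfSense). All addresses are constructed documentation ranges, and the rule layout (a LAN-subnet rule translating to the CARP VIP, then an NTP-specific rule translating to each node's own WAN address, evaluated top-down with first match winning) is an assumption about a typical CARP outbound NAT setup.

```python
# Constructed model of the NTP reply path in a CARP pair.
# Addresses and rule contents are assumptions, not values from the post.
from ipaddress import ip_address, ip_network

CARP_VIP = "203.0.113.10"  # shared WAN VIP, held only by the CARP master
NODES = {                  # per-node addresses (constructed)
    "primary": {"wan": "203.0.113.11", "lan": "192.0.2.2", "master": True},
    "backup":  {"wan": "203.0.113.12", "lan": "192.0.2.3", "master": False},
}

# Outbound NAT rules, evaluated top-down, first match wins.
# Target "WAN_ADDRESS" means the sending node's own WAN IP.
RULES_BEFORE = [
    {"src": "192.0.2.0/24", "dport": None, "target": CARP_VIP},
]
RULES_AFTER = [
    {"src": "192.0.2.0/24", "dport": 123, "target": "WAN_ADDRESS"},
] + RULES_BEFORE


def translate(rules, node, src_ip, dport):
    """Return the source address the packet carries after outbound NAT."""
    for r in rules:
        if ip_address(src_ip) in ip_network(r["src"]) and r["dport"] in (None, dport):
            return NODES[node]["wan"] if r["target"] == "WAN_ADDRESS" else r["target"]
    return src_ip  # no rule matched, source left untranslated


def reply_receiver(dst_ip):
    """Return the node that receives a reply addressed to dst_ip."""
    for name, n in NODES.items():
        if dst_ip == n["wan"] or (dst_ip == CARP_VIP and n["master"]):
            return name
    return None


def ntp_reachable(rules, node):
    """True if the NTP reply lands on the node that sent the query."""
    nat_src = translate(rules, node, NODES[node]["lan"], 123)
    return reply_receiver(nat_src) == node


if __name__ == "__main__":
    for label, rules in (("before", RULES_BEFORE), ("after", RULES_AFTER)):
        for node in NODES:
            print(label, node, "reach" if ntp_reachable(rules, node) else "unreach")
```

With the VIP-only rule the backup's query leaves with the VIP as its source, so the reply is delivered to the master and the backup's peers stay unreachable; with the NTP rule placed first, each node's replies return to its own WAN address.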

