NTP - Backup CARP Unreach/Pending

  • Greetings,

    I'm hoping this is simple and I'm just missing something simple.

    I have pfSense 2.2.6 setup in a CARP config with NTP Service for my LAN only.  I'm noticing that my backup is not updating; Unreach/Pending.

    DMZ (LAN)
    xxx.xxx.xxx.xxx (DMZ_CARP)

    Time Servers

    My second physical site has the same setup and it's working fine.

    The only way I can get it to work is if I bind it to the WAN interface but I have no desire in opening that can of worms.

    Any assistance is appreciated and thank you ahead of time.

  • Well,  for the heck of it (not sure why I didn't do this prior to my post) I white boarded the NTP flow and realized a fundamental point; the backup won't receive the reply through CARP.

    I added an OUTBOUND NAT rule to focus NTP traffic to go out through the WAN ADDRESS.  After a restart of the service, it appears to be working correctly.

Log in to reply