1. Home
  2. pfSense® Software
  3. HA/CARP/VIPs
  4. SOLVED: Both member has status as MASTER…!?

SOLVED: Both member has status as MASTER…!?

  • M

    Hi, i have setted up the HA on the first pfsense and synced to the backup member.
    But both shows me that the CARP interfaces are MASTERs after a reboot!?

    LOG Master:

    Apr 25 22:07:38  kernel  done. 
    Apr 25 22:07:37  php-fpm  312  /rc.carpmaster: HA cluster member "(10.0.202.254@hn1): (HOSTING)" has resumed CARP state "MASTER" for vhid 2 
    Apr 25 22:07:37  php-fpm  311  /rc.carpmaster: HA cluster member "(10.0.102.254@hn0): (WAN)" has resumed CARP state "MASTER" for vhid 1 
    Apr 25 22:07:37  kernel  done. 
    Apr 25 22:07:36  php-cgi  rc.bootup: sync unbound done. 
    Apr 25 22:07:36  check_reload_status  Carp master event 
    Apr 25 22:07:36  kernel  carp: 1@hn0: BACKUP -> MASTER (master timed out) 
    Apr 25 22:07:36  kernel  carp: 2@hn1: BACKUP -> MASTER (master timed out) 
    Apr 25 22:07:36  check_reload_status  Carp master event

    LOG Backup:

    Apr 25 21:57:54  php-fpm  312  /rc.carpmaster: HA cluster member "(10.0.202.254@hn1): (HOSTING)" has resumed CARP state "MASTER" for vhid 2 
    Apr 25 21:57:54  php-fpm  311  /rc.carpmaster: HA cluster member "(10.0.102.254@hn0): (WAN)" has resumed CARP state "MASTER" for vhid 1 
    Apr 25 21:57:53  check_reload_status  Carp master event 
    Apr 25 21:57:53  kernel  carp: 1@hn0: BACKUP -> MASTER (master timed out) 
    Apr 25 21:57:53  kernel  carp: 2@hn1: BACKUP -> MASTER (master timed out) 
    Apr 25 21:57:53  check_reload_status  Carp master event 
    Apr 25 21:57:52  check_reload_status  Updating all dyndns 
    Apr 25 21:57:52  php-cgi  rc.bootup: NTPD is starting up. 
    Apr 25 21:57:52  kernel  done. 
    Apr 25 21:57:52  kernel  done. 
    Apr 25 21:57:51  php-fpm  312  /rc.carpbackup: HA cluster member "(10.0.202.254@hn1): (HOSTING)" has resumed CARP state "BACKUP" for vhid 2 
    Apr 25 21:57:51  php-fpm  311  /rc.carpbackup: HA cluster member "(10.0.102.254@hn0): (WAN)" has resumed CARP state "BACKUP" for vhid 1 
    Apr 25 21:57:51  kernel  done.

    anyone a idea?

    thx
    MoPhat


    0
  • Derelict
    LAYER 8 Netgate

    You need good layer 2 that forwards multicast between the interfaces.

    How are the the nodes' WAN and LAN interfaces connected to each other?

    When the node with the higher advbase/advskew receives the advertisement from the faster node, it assumes backup status and downs the VIP.

    (by default advbase/advskew is primary 1/0 and secondary 1/100 and there is almost never a reason to change those)

    You posted the sync interface details so that leads me to believe you think that has something to do with CARP status. It has nothing to do with it. The CARP status is determined by the interfaces with the VIPs on them exchanging advertisements on the networks between them. All the SYNC interface does is exchange state sync and XMLRPC Config sync. You should enable state sync on your secondary by the way. pfsync is bi-directional. Config sync is one-way (primary to secondary)

    0
  • M

    Hi Derelict

    I found out that in hyper-v i must activate the option for "mac address spoofing" on the vNics, after that all works fine :)


    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy