SOLVED: Both member has status as MASTER…!?

MoPhat

Hi, i have setted up the HA on the first pfsense and synced to the backup member.
But both shows me that the CARP interfaces are MASTERs after a reboot!?

LOG Master:

Apr 25 22:07:38  kernel  done. 
Apr 25 22:07:37  php-fpm  312  /rc.carpmaster: HA cluster member "(10.0.202.254@hn1): (HOSTING)" has resumed CARP state "MASTER" for vhid 2 
Apr 25 22:07:37  php-fpm  311  /rc.carpmaster: HA cluster member "(10.0.102.254@hn0): (WAN)" has resumed CARP state "MASTER" for vhid 1 
Apr 25 22:07:37  kernel  done. 
Apr 25 22:07:36  php-cgi  rc.bootup: sync unbound done. 
Apr 25 22:07:36  check_reload_status  Carp master event 
Apr 25 22:07:36  kernel  carp: 1@hn0: BACKUP -> MASTER (master timed out) 
Apr 25 22:07:36  kernel  carp: 2@hn1: BACKUP -> MASTER (master timed out) 
Apr 25 22:07:36  check_reload_status  Carp master event

LOG Backup:

Apr 25 21:57:54  php-fpm  312  /rc.carpmaster: HA cluster member "(10.0.202.254@hn1): (HOSTING)" has resumed CARP state "MASTER" for vhid 2 
Apr 25 21:57:54  php-fpm  311  /rc.carpmaster: HA cluster member "(10.0.102.254@hn0): (WAN)" has resumed CARP state "MASTER" for vhid 1 
Apr 25 21:57:53  check_reload_status  Carp master event 
Apr 25 21:57:53  kernel  carp: 1@hn0: BACKUP -> MASTER (master timed out) 
Apr 25 21:57:53  kernel  carp: 2@hn1: BACKUP -> MASTER (master timed out) 
Apr 25 21:57:53  check_reload_status  Carp master event 
Apr 25 21:57:52  check_reload_status  Updating all dyndns 
Apr 25 21:57:52  php-cgi  rc.bootup: NTPD is starting up. 
Apr 25 21:57:52  kernel  done. 
Apr 25 21:57:52  kernel  done. 
Apr 25 21:57:51  php-fpm  312  /rc.carpbackup: HA cluster member "(10.0.202.254@hn1): (HOSTING)" has resumed CARP state "BACKUP" for vhid 2 
Apr 25 21:57:51  php-fpm  311  /rc.carpbackup: HA cluster member "(10.0.102.254@hn0): (WAN)" has resumed CARP state "BACKUP" for vhid 1 
Apr 25 21:57:51  kernel  done.

anyone a idea?

thx
MoPhat

Derelict

You need good layer 2 that forwards multicast between the interfaces.

How are the the nodes' WAN and LAN interfaces connected to each other?

When the node with the higher advbase/advskew receives the advertisement from the faster node, it assumes backup status and downs the VIP.

(by default advbase/advskew is primary 1/0 and secondary 1/100 and there is almost never a reason to change those)

You posted the sync interface details so that leads me to believe you think that has something to do with CARP status. It has nothing to do with it. The CARP status is determined by the interfaces with the VIPs on them exchanging advertisements on the networks between them. All the SYNC interface does is exchange state sync and XMLRPC Config sync. You should enable state sync on your secondary by the way. pfsync is bi-directional. Config sync is one-way (primary to secondary)

MoPhat

Hi Derelict

I found out that in hyper-v i must activate the option for "mac address spoofing" on the vNics, after that all works fine :)