Both routers keep claiming CARP master status due to interface switching.

  • I have 2 pfSense firewalls with HA setup. For some reason the backup firewall keeps claiming master status on some of the interfaces, because pfSense gets confused about which interface is which.

    If you look at the 2 pictures attached, Firewall 1 is setup correctly and is showing it is the master for each interface.

    But the second firewall has claimed MASTER status for vlan 20 and vlan 15 because it has switched the interfaces… i can of course fix this by going into firewall 2 and editing the virtual IP and setting the correct interface... but it keeps changing back.

  • LAYER 8 Netgate

    You probably have a mismatch between the interfaces on the primary and the interfaces on the secondary. They both need to be exactly the same from top to bottom in all aspects. You can use Status > Interfaces to compare.

    The VIPs are probably syncing from the primary to the "wrong" interface on the secondary.

  • That was it, thanks.

