Netgate Discussion Forum

    Pf-Sync not syncing everything?

    2.0-RC Snapshot Feedback and Problems - RETIRED
      eureka

      Info:
      2.0-ALPHA-ALPHA
      built on Sun Feb 1 13:40:56 EST 2009
      FreeBSD 7.1-RELEASE-p2

      On my system it appears that no CARP/VIP/NAT/etc. data is being sync'd even when attempting a "force" sync.
      Is anyone using pfsync on this build?

        eureka

        OK, a little more information to make this actually a useful post.

        I am running the above listed version. This is my setup.

        I have 2 pfSense systems running a total of 6 network interfaces.
        2 interfaces are for WAN (wanA / wanB)
        1 interface is for office-lan
        1 interface has VLANs for ServerLan1 / ServerLan2
        1 interface is for pfsync (direct link)
        1 interface is for management (if I have to plug in directly for one reason or another).

        It appears that when setting pfSense to sync as listed in this guide:
            * Building a fully redundant Cluster with 2 pfSense-systems between WAN/LAN with CARP & pfSync / pfSense CARP & pfSync failover-simulation
        http://www.pfsense.org/mirror.php?section=tutorials/carp/carp-cluster-new.htm

        We are able to sync some things such as the firewall state table. No other information appears to be syncing to the other system.

        However, it appears that after manually exporting the config from system 1 (pfbox-a), then importing it into system 2 (pfbox-b) and making the needed changes to IP addresses/CARP broadcast/sync/etc., we are able to see "Failover" with the CARP but are still not syncing any config changes. Any changes to VIPs, Rules, IPSEC, CARP/etc. aren't changing.

        On system boot the states do sync from one system to the other and vice versa, so that appears to be working. Also, we see a message saying that OpenVPN is syncing up. I'm not exactly sure if this is true because we aren't using OpenVPN (yet), but it is also the only message we see on boot claiming to be performing a sync.

        When sniffing the network traffic on the pfsync interface I can see packets going back and forth, and on the firewall I have an allow ALL rule set. It does not appear to be throwing out any packets at this point. It just seems that it is not sending all of the data we want it to. We have even tried setting it to sync only one thing (alias/rules/etc.) and no matter which single thing we are trying to sync, it appears that nothing is being sent to the 2nd box.

        We have tried this same config on the "Stable" release and it appears to be properly syncing data from one system to the other. It just seems that this is a problem with the 2.x UNSTABLE versions.

        Please let me know if anyone else is having this problem or if you have any suggestions. We have even tried to do a "Forced Sync" via the command line and it appears to not do anything more than we have seen before already.

        -E
