Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    ESXi CARP on selected interfaces

    HA/CARP/VIPs
    1
    2
    61
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      klatoszy last edited by

      I have been running pfSense in ESXi VM with success for years. Recently when 2.4.5 was released I decided that I will add another VM and configure CARP to avoid down time during upgrade and/or other maintenance work. I'm using free ESXi version and thus only standard virtual switch is available.
      I followed documentation and CARP is running perfectly fine. But due to ESXi standard switch limitations (traffic goes to all VMs in portgroup) I have a problem with additional traffic, specifically on VLAN with file storage traffic where huge amount of data are moved. This has big performance impact on hypervisor.
      I have following interfaces:
      WAN
      LAN
      MGMT
      IOT
      STORAGE
      currently all configured for CARP. Big traffic on STORAGE interface affects heavily hypervisor.
      Now my idea is following:
      Configure CARP on all interfaces except STORAGE.
      During failover execute script to enable STORAGE interface on Master and disable on Slave. Alternatively keep STORAGE interface UP on both nodes but add/remove VIP alias during failover.
      Does this make any sense? Will that work? I don't mind if connections are dropped and/or STORAGE network will be down for few seconds.
      Please advise.

      1 Reply Last reply Reply Quote 0
      • K
        klatoszy last edited by

        So I investigated this littel bit further. Bringing interfaces UP/DOWN on failover did not work as expected.

        Then I tried to use VIP alias. At first manually using SSH I invoked following commands:
        VM becomeing Master:

        ifconfig vmx6 10.79.60.1 255.255.255.255 alias
        

        VM becomeing Backup:

        ifconfig vmx6 10.79.60.1 255.255.255.255 delete
        

        This gave me good result so I wanted to automate and edited /etc/rc.carpbackup and /etc/rc.carpmaster on both nodes. This did not work and I receive crash report like below:

        Crash report begins.  Anonymous machine information:
        
        amd64
        11.3-STABLE
        FreeBSD 11.3-STABLE #236 21cbb70bbd1(RELENG_2_4_5): Tue Mar 24 15:26:53 EDT 2020     root@buildbot1-nyi.netgate.com:/build/ce-crossbuild-245/obj/amd64/YNx4Qq3j/build/ce-crossbuild-245/sources/FreeBSD-src/sys/pfSense
        
        Crash report details:
        
        PHP Errors:
        [25-May-2020 14:05:18 Europe/Warsaw] PHP Parse error:  syntax error, unexpected 'vmx6' (T_STRING) in /etc/rc.carpbackup on line 120
        [25-May-2020 14:05:18 Europe/Warsaw] PHP Parse error:  syntax error, unexpected 'vmx6' (T_STRING) in /etc/rc.carpbackup on line 120
        [25-May-2020 14:05:18 Europe/Warsaw] PHP Parse error:  syntax error, unexpected 'vmx6' (T_STRING) in /etc/rc.carpbackup on line 120
        [25-May-2020 14:05:18 Europe/Warsaw] PHP Parse error:  syntax error, unexpected 'vmx6' (T_STRING) in /etc/rc.carpbackup on line 120
        [25-May-2020 14:05:18 Europe/Warsaw] PHP Parse error:  syntax error, unexpected 'vmx6' (T_STRING) in /etc/rc.carpbackup on line 120
        
        

        What I'm doing worng?

        1 Reply Last reply Reply Quote 0
        • First post
          Last post

        Products

        • Platform Overview
        • TNSR
        • pfSense Plus
        • Appliances

        Services

        • Training
        • Professional Services

        Support

        • Subscription Plans
        • Contact Support
        • Product Lifecycle
        • Documentation

        News

        • Media Coverage
        • Press
        • Events

        Resources

        • Blog
        • FAQ
        • Find a Partner
        • Resource Library
        • Security Information

        Company

        • About Us
        • Careers
        • Partners
        • Contact Us
        • Legal
        Our Mission

        We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

        Subscribe to our Newsletter

        Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

        © 2021 Rubicon Communications, LLC | Privacy Policy