pfBlockerNG-devel 3.0.0_7 need enable/disable after HA failover


  • After a lot of bumps my pfsense HA cluster is online with dual WAN. Yeah!!!

    But...

    When I shutdown the master node the back up node take over in a few seconds and my DNS Resolver stops working.

    Routing is ok, I can ping IPs, but DNS resolution fails. After I hit Disable/Enable in pfBlocker everything works again.

    Anyone had a similar problem?

  • Moderator

    @agarkauskas
    Are you using pfBlockerNG-devel v3.0.0_7? Check the system.log for more clues.


  • @bbcan177 Marcelo! Tu é o cara!

    I think I found the problem. Double checking the logs I realized my TIMEZONE settings were different in both pfsense boxes. Box one is configured with America/Sao Paulo timezone. Box two was configured with GMT-3 - which SHOULD be the same - but it was not, it was behaving like GMT+3, so server one was 6 hours behind server two.

    I made the correction and it looks like it is working now. I will run more tests, lets see if it confirms to be the actual problem.


  • @bbcan177 Confirmed. It was the 6 hours time difference.