HA on dual-ESXi: no LAN, no party
I have two VMware ESXi 6.7 hosts, on each of which I have installed an instance of pfSense 2.4.5, configured in HA (primary and secondary), with OpenVPN servers and multi-WAN, all perfect!
The perplexity arises when I simulate a failure by disconnecting the LAN cable of the ESXi host where the primary/master pfSense is running:
a) the secondary instance rightfully becomes the master for the LAN
b) the primary instance becomes a backup for the LAN accordingly
c) BUT since everything is normal on the WAN side, the primary remains the master for both Internet lines
Result: isolated LAN, no access to/from the Internet!
Yet, theoretically, one of the two instances is still active and could continue to manage the whole circus.
Is there a solution?
I just want to add that each ESXi host is connected to two stacked switches with two crossed DAC cables.
The failure simulation described in the first post was done by momentarily moving the virtual LAN interface of the primary pfSense VM to an unused port group.
So, given that the secondary remains connected, fully functional and could potentially continue to manage the connectivity, is there a way to make it master for all the VIPs even in the event of a single connection failure?
Something similar to what you can read in the FortiOS documentation: https://docs.fortinet.com/document/fortigate/latest/administration-guide/489324/failover-protection
What you want is net.inet.carp.preempt.
Preempt should be enabled. That means if one interface fails on a pfSense, then ALL interfaces do a failover, not only one.
Also bear in mind I have seen some complications with CARP and multicast on ESXi and the security settings of the port group / switch (Multicast - promiscuous mode / ARP address change).
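To make the failure mode in the question visible, here is an added example (not posted by anyone in this thread) that parses ifconfig-style CARP status and flags a node that is BACKUP on one VIP while still MASTER on others, then ties the verdict to the preempt sysctl the reply mentions. Interface names, addresses and vhids are constructed; on a real pfSense box you would feed it `ifconfig` and `sysctl -n net.inet.carp.preempt` output instead.

```shell
#!/bin/sh
# Added example: detect the "split-master" CARP state (LAN VIP BACKUP, WAN VIPs
# MASTER on the same node) and report whether net.inet.carp.preempt would have
# demoted all VIPs together. All sample data below is constructed.

# Constructed ifconfig output of the primary after its LAN link was pulled:
SAMPLE_SPLIT='vmx0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
    inet 203.0.113.2 netmask 0xffffff00 broadcast 203.0.113.255
    inet 203.0.113.1 netmask 0xffffff00 broadcast 203.0.113.255 vhid 1
    carp: MASTER vhid 1 advbase 1 advskew 0
vmx1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
    inet 198.51.100.1 netmask 0xffffff00 broadcast 198.51.100.255 vhid 2
    carp: MASTER vhid 2 advbase 1 advskew 0
vmx2: flags=8943<UP,BROADCAST,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
    inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255 vhid 3
    carp: BACKUP vhid 3 advbase 1 advskew 0'

# Same node after every VIP was demoted together (constructed):
SAMPLE_HEALTHY=$(printf '%s\n' "$SAMPLE_SPLIT" | sed 's/carp: MASTER/carp: BACKUP/')

# carp_states: read ifconfig text on stdin, print one "iface vhid state" line per VIP
carp_states() {
    awk '/^[a-z]/ { ifn = $1; sub(":$", "", ifn) }
         /carp: /  { print ifn, $4, $2 }'
}

# split_master TEXT: true when the node is MASTER for some VIPs and BACKUP for others
split_master() {
    n=$(printf '%s\n' "$1" | carp_states | awk '!seen[$3]++ { n++ } END { print n + 0 }')
    [ "$n" -gt 1 ]
}

# preempt_ok VALUE: true when the sysctl value means preempt is enabled
preempt_ok() {
    [ "$1" = "1" ]
}

# check_node TEXT PREEMPT: one-line verdict for a node
check_node() {
    if ! split_master "$1"; then echo "consistent"
    elif preempt_ok "$2"; then echo "SPLIT-MASTER despite preempt=1: check link state and advskew"
    else echo "SPLIT-MASTER: enable net.inet.carp.preempt so all VIPs fail over together"
    fi
}

# Stand-alone demo on the constructed samples
check_node "$SAMPLE_SPLIT" 0
check_node "$SAMPLE_HEALTHY" 1
```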