Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfBlockerNG HA CARP issues

    Scheduled Pinned Locked Moved
    HA/CARP/VIPs
    1
    1
    296
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • fluvannaitF
      fluvannait
      last edited by

      Is there any documentation on running pfBlockerNG on an HA CARP pair? Specifically setting "DNSBL VIP Type" to "CARP"? I have gone through this several times and even after manually setting the skew to 0 on the primary and 100 on the secondary the primary shows the pfb_dnsbl status as stopped and I can't get it to start, but on the pfBlockerNG dashboard widget I have a green check next to DNSBL and if I hover over it it shows "DNSBL (Unbound mode) is Active on VIP 10.10.10.1 ports: 8081 & 8443". On the secondary it's showing as running in both the status-->services and on the pfBlockerNG dashboard widget. If I change the DNSBL VIP Type to IP Alias (disabling CARP) the pfb_dnsbl status shows running on both. Do I just use IP Alias instead of CARP? Will that work and continue to work if there is a fail-over? I'm going to post in the pfBlockerNG forum also. Posted here hoping someone with CARP expertise has encountered this before.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post