Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Backup Notification of Master Failure

    Scheduled Pinned Locked Moved
    HA/CARP/VIPs
    4
    5
    2.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mdpugh
      last edited by

      I don't know if CARP has any such functionality as what I'm about to describe, but it seems like a very useful feature.  I tend to think it does not.

      I was recently in the hospital and one of my CARPed pfSense gateways went down while I was away.  As a result, my SixXS tunnel was disabled.  I've corrected that problem for now, but it occurs to me that if the other CARPed pfSense box (the backup, in this case) had detected the loss of its counterpart and sent me an email to that effect (for instance–other alerts are also possible), I could have made an effort to correct the problem in a more timely manner.

      So,

      • Does CARP or pfSense handle any such scenario?

      • Would this be a feature worth adding if not?

      • Does anyone know of any third party software that would handle this in the meantime?

      Thanks in advance!
      Mike Pugh

      P.S. Despite how I titled the subject, I obviously mean that if one fails the other alerts regardless of which is technically master or backup.  And, yes, SixXS did notify me by email, but having my own box do it first would offer more options, I should think.  I would want to know that one of the gateways had failed regardless of whether I was tunneling IPv6, for instance.

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        We and most users rely on general purpose network monitoring systems to detect such things. There's only so much a firewall can and should monitor along those lines, there are a slew of network monitoring platforms that are far better suited to monitoring and detecting that scenario amongst many others. Any network monitoring system can monitor at least accessibility of the interface IPs of each system, most of them can monitor CARP interface status via SNMP.

        1 Reply Last reply Reply Quote 0
        • jimpJ
          jimp Rebel Alliance Developer Netgate
          last edited by

          If you have e-mail notifications configured, it does e-mail you when a CARP VIP transitions between master and backup. At least it does on 2.1, I thought it did on 2.0.x as well.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • N
            nullifi
            last edited by

            Indeed it does, but you have to fix the devd.conf file first. I ran into this a while back. Fixed it thanks to jimp.

            @jimp:

            Edit devd.conf, change the "subsystem" from carp to vip. Then you can killall -9 devd; devd (or reboot).

            I've been doing that to all my installs. Just make sure you restart devd afterwards.

            1 Reply Last reply Reply Quote 0
            • jimpJ
              jimp Rebel Alliance Developer Netgate
              last edited by

              Yeah that's fixed on 2.0.2 and 2.1. Forgot that was broken on 2.0.1.

              Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

              Need help fast? Netgate Global Support!

              Do not Chat/PM for help!

              1 Reply Last reply Reply Quote 0
              • First post
                Last post