PFSync and startup
-
HI !
I have a cluster of PFsense with a direct attached 1G link between them to pfsync. When I try to restart the backup node, I see in the logs :
Dec 28 08:55:34 pfsense2 check_reload_status: Reloading filter
Dec 28 08:55:34 pfsense2 php: : waiting for pfsync…
Dec 28 08:55:37 pfsense2 php: : Sending HUP signal to 50492
Dec 28 08:55:37 pfsense2 php: : Sending HUP signal to 50544
Dec 28 08:55:39 pfsense2 php: : Resyncing OpenVPN instances for interface CARPPRIVE.
Dec 28 08:55:43 pfsense2 ipfw-classifyd: Reloading config...
Dec 28 08:55:43 pfsense2 ipfw-classifyd: Reloading config...
Dec 28 08:55:43 pfsense2 ipfw-classifyd: Loaded Protocol: http (rule dnpipe)
Dec 28 08:55:43 pfsense2 ipfw-classifyd: Loaded Protocol: bittorrent (rule action block)
Dec 28 08:55:43 pfsense2 ipfw-classifyd: Loaded Protocol: edonkey (rule action block)
Dec 28 08:55:43 pfsense2 ipfw-classifyd: Loaded Protocol: freenet (rule action block)
Dec 28 08:55:43 pfsense2 ipfw-classifyd: Loaded Protocol: tor (rule action block)
Dec 28 08:56:04 pfsense2 php: : pfsync done in 30 seconds. <<<<<<<------------------ WOOOOO !!
Dec 28 08:56:04 pfsense2 php: : Configuring CARP settings finalize...
Dec 28 08:56:04 pfsense2 kernel: wan_vip10: link state changed to DOWN
Dec 28 08:56:04 pfsense2 kernel: wan_vip10: INIT -> BACKUP
Dec 28 08:56:04 pfsense2 kernel: wan_vip10: link state changed to DOWN
Dec 28 08:56:04 pfsense2 kernel: wan_vip13: link state changed to DOWN
Dec 28 08:56:04 pfsense2 kernel: wan_vip13: INIT -> BACKUP
Dec 28 08:56:04 pfsense2 kernel: wan_vip13: link state changed to DOWN
Dec 28 08:56:04 pfsense2 php: : Message sent to CRIC@grenoble.cnrs.fr OK
Dec 28 08:56:04 pfsense2 php: : Message sent to CRIC@grenoble.cnrs.fr OK
Dec 28 08:56:05 pfsense2 php: : waiting for pfsync...
Dec 28 08:56:05 pfsense2 php: : pfsync done in 0 seconds.
Dec 28 08:56:05 pfsense2 php: : Configuring CARP settings finalize...
Dec 28 08:56:05 pfsense2 php: : ROUTING: setting default route to XX.XX.XX.XX
Dec 28 08:56:05 pfsense2 php: : ROUTING: setting IPv6 default route to 2001:yyyy:yy:yy::yyI try to change the code in /etc/inc/interfaces.inc (line 1826) to 60s and the pfsync takes 60s !
I think there is a problem to exchange the states in the test. I have 2649 entries in the state table...My questions are :
- Why does it take so much time to exchange the states ?
- Why the process is launched two times ? (the second takes 0s, see logs)
- Why the WAN link state goes DOWN ? There is two CARP on it (one IPv4 and one IPv6). The WAN link is direct link, no VLAN.
-
Try next snapshot i put a fix that was causing this issue it should behave better now.
-
OK I will try the snapshot wednesday. Thanks a lot !