CARP Not syncing correctly?
-
For some reason any time i make changes to the Master the slave isnt being updated correctly.
EXAMPLE:
If i add a new VIP on Master it never syncs to SlaveIf i add a new DNS entry for a domain over-ride on Master it will sync to Slave how ever if i delete that entry from Master Slave does not Update
I have all check boxes marked to SYNC everything from the master.. attached is a screen shot of the master and Slave CARP configuration
MASTER SYNC int : 1.1.1.1
SLAVE SYNC int : 1.1.1.2
MASTER LAN : 10.1.10.1
SLAVE LAN : 10.1.10.2
FLOATING LAN : 10.1.10.3Anyone have any clue what i'm doing wrong?
Thanks!
-
Hi,
you have setup the real interfaces on both firewalls (with same network mask) so that the CARP IP can be added in the known network onto slave firewall, too ?
-
You have configured FW1 to sync its states via the SYNC interface, using the the LAN IP Address of FW2.. Leave this field blank on BOTH firewalls. Also, you'll need to make sure that you have a rule on SYNC that permits pfSync traffic from SYNC subnet to SYNC Address.
On any interface(s) with CARP, ensure that you specify a rule that says 'permit carp from LAN subnet to LAN address'.
On your LAN, you may also want to add a 'permit tcp from LAN subnet to LAN address on port 519' to ensure that the DHCP Fail-over communications are permitted through.
Other than that, it looks correct.