Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsync isn't syncing states

    2.2 Snapshot Feedback and Problems - RETIRED
    2
    3
    992
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      vindenesen
      last edited by

      Hi,

      I'm using "2.2-BETA (amd64) built on Fri Sep 19 10:13:16 CDT 2014" NanoBSD, two firewalls in a CARP setup. Pfsync (state sync) doesn't seem to be working properly. When I save the settings on the system_hasync.php page on the primary firewall, a session with protocol pfsync appears in the states page, but I can't see that the states are being transfered to the backup server (maybe a few states, but far from all). After a couple of minutes, that pfsync session disappears from the state page.

      I'm using DHCP on WAN, and I'm fully aware of that connections towards the Internet will be broken when a failover occurs (since it's a different WAN IP address). But the internal traffic between VLANs should not need to be reestablished, as is the case now. My current setup is an upgrade from 2.1.5, where this worked properly.

      The pfsync interfaces has a rule that allows all IPv4 traffic on both firewalls (rules are also synced).

      I have also tested this in a test environment, where the WAN IP address was a static one (and thus the same on both nodes using a CARP IP) and the outgoing NAT rule used the CARP IP. Exactly the same happened there. States where synced for a little while, and then it stopped syncing.

      Support the project by buying a Gold Subscription at https://portal.pfsense.org
      Running pfSense on SuperMicro A1SRI-2758F with ESXi 5.5

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        I can confirm this, I also do not see any states being transferred.

        EDIT: Added as https://redmine.pfsense.org/issues/3876

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • V
          vindenesen
          last edited by

          Good to hear that it wasn't just me :)

          Support the project by buying a Gold Subscription at https://portal.pfsense.org
          Running pfSense on SuperMicro A1SRI-2758F with ESXi 5.5

          1 Reply Last reply Reply Quote 0
          • First post
            Last post