CARP + pfsync problem
i have 2 Soekris net4801 machines (http://www.soekris.com/net4801.htm) and i try to make a small cluster with.
After reading the tutorial from here (http://pfsense.loquefaltaba.com/tutorials/carp/carp-cluster-new.htm) i start my configuration:
i have this config :
FW-1 : wan (sis1) - x.x.x.183 FW-2 : wan (sis1) - x.x.x 184
lan (sis0) - 192.168.42.95 lan (sis0) - 192.168.42.96
opt1 (sis2) - 192.168.200.1 < crossover-cable > opt1 (sis2) - 192.168.200.2
I set the virtual IP for CARP-WAN x.x.x.181 and the virtual IP for CARP-LAN 192.168.42.190
The problem is that after all the configuration the STATUS->CARP from the second machine is empty. (on the left one it's ok).
Could be the crossover cable? or something alse?
p.s durring the configuration i notted that when i should make the VIRT.IP->CARP SETTINGS i never find the Preemption option.
nobady made it?
hoba last edited by
The preemption setting is gone as it is enabled by default now behind the scenes. If your backup is empty it means something went wrong with the config sync from master to slave. Make sure you have set up firewallrules on the slave to accept the config sync and that password and so on is correct and you have checked all neccessary sync options. In case a sync goes wrong you usually get an alert. What do your systemlogs tell you when you save settings? This usually triggers a sync (if setup correctly and the settings are configured to be synced over).
so my setup was this:
-firewall->rules->opt1(or sync)->add -on fw-1
-firewall->rules->opt1(or sync)->add -on fw-2
-firewall->V.IP->CARP set->syncronize enbled -on fw2
-firewall->V.IP->CARP set->syncronize enbled,sync rules, sync nat, sync V.ip /sync to ip 192.168.200.2, & passwd -on fw-1
-firewall->V.IP->Add->carp, WAN + ip wan x.x.x.181 (wan-carp) -on fw-1
-firewall->V.IP->Add->carp, LAN + ip lan 192.168.42.190 (lan-carp) -on fw-1
-firewall->NAT->Outbound->edit rule-add target wan-carp.
The fw-1 tell me this: A communication error occured while attempting XMLRPC to sync with username admin https://192.168.200.2:443
seems that i don't have connections between 192.168.201 and 192.168.42.202 trough the crossover cable.
i don't know wath the problem was, but after an undesired reboot it just work fine.
Thank you for all.
Matts last edited by
~~I'm ending up with the same problem on a 1.2 STABLE release.
- both machines up-to-date
- usernames the same
- passwords the same
- firewall rules on the SYNC interfaces on * * * *
I also rebooted both machines, but this gives no clue.
HTTPS or HTTP set on both machines doesn't make any difference also.
What could be wrong here ?~~
I have solved this issue. It should have been a subnet that needed to be test on /24… this was also in the second trouble shooting part.