CARP bug



  • Hi,
    I wanted to test a NIC card failure and added another  switch between the WAN Interface and WAN switch. Then disconnected second switch from the WAN switch so WAN interface is still up but there were no traffic on it. The status of main pfsense has not changed (master,master). Backup pfsense has noticed the change and has switched from (backup,backup) to (master,backup). So here we are - 2 masters.

    Any ideas?



  • if you disconnect the paster pfsense fw it shout show you that the wan connection is failed.now the slave machine shoud switch from back-up to master.if this happens all is ok.



  • Thank you for the quick reply. I have tried and it worked.

    I'd like to know if it possible to switch to the slave machine if a NIC card has died (that is no traffic) on a master machine but still shows UP (connected) state.



  • i belive that the normal way to be is if you lose the wan eth on fw-1 he switch automaticaly on fw-2. which eth you want to be dead (in you example)? because the master fw only controll the cluster by replicate the configuration with the second one.=> that you have the same conf on bouth fw. si if one faild the second one became master.
    be more explicit



  • I have setup pfsense 1.2
    Let say fw1 is a master, fw2 - slave.
    A NIC card (WAN) died on fw1 (master) in that way that it shows to be connected (UP) but no traffic is going through it (it was a real situation).
    fw1 remains (master,master), fw2 switches to (master, backup) state currently.
    I'd like that fw2 becomes master instead until NIC card gets replaced.



  • that CARP/pfsync are suppose to do in this cluster config  ;D. maybe if the interface died like this, pfsense gui interface is not able to refresh the state about died-wan.but the important thing is that you have redundancy working.



  • Unfortunately it does not work. The pfsense claster jumps to the state fw1(master, master) fw2(master,backup) except of fw1(backup,backup) fw2(master,master).



  • did you check the log's? cz is verry strange.


Locked