Master/Slave Manual Failover



  • I have a question. I cant seem to find an answer by searching, so Im hoping someone could shed some light for me on this:

    I have a Master/Slave PfSense 2.2 setup. Its working great, no issues so far. My question is this:
    When the master goes down, and the slave takes over, once I repair the issue on the master and bring it back online, can it stay as a slave now?

    I don't want to have it where the master goes down, slave takes over, once the master is repaired, it goes back online and becomes master again? I don't want that.

    MASTER - Fails due to switch port goes bad.
    Slave - Takes over as master.
    MASTER - I plug the connections to a new switch. Master is back online.
    Slave STAYS as MASTER.
    The old MASTER goes into slave mode and becomes ready for when the new master fails.

    Can this be accomplished with PfSense 2.2?
    Thanks…



  • If you want to set it this way, I think you'll have to go into the CARP settings and change the weight given to each box in order for the new master to stay master.



  • Thank you. I did that already. Each CARP has its own weight, showing master with advskew=0 and slave advskew=100
    But, when the Master Firewall goes down, due to a switch port problem or power, and it comes back online on its own, then the switch takes  place where the slave gives back its master state back to the master firewall cause its back online.
    I hope I explained it properly.
    Thanks…



  • You can accomplish that with the "Persistent CARP Maintenance Mode" on 2.2. Just click that button under Status>CARP and it'll bump the advskew on that system to 254, leaving it in backup status unless the secondary disappears.