Upgrade procedure 2.1.5->2.2 with CARP active

  • When upgrading pfSense (e.g. 2.1.4->2.1.5) , I usually do stuff on the backup machine, and if it's completed I execute the upgrade stuff on the other  machine while the backup is the temporary CARP master; the usual HA-procedure.

    The feature list for pfS2.2 states some differences for CARP, so I wonder how reliable a 2.1.5/2.2 mixed environment might be. Since I have to upgrade some more service I'm running on pfSense, it will take some hours to upgrade all services (named, slapd…) , the router pair will be in a mixed 2.1.5/2.2 configuration for a prolonged time.

    Is a mixed configuration expected to be stable or is it advisable to re-configure the non-upgraded master to non-CARP interfaces to avoid conflicts?

  • https://doc.pfsense.org/index.php/Upgrade_Guide#Upgrading_High_Availability_Deployments

    I've upgraded a CARP system from 2.1.4 as described there. No issue.
    However, in CARP mixed mode 2.1.x + 2.2 the states are not synced to slave, so connections are lost if the 2.1.x master take over CARP master again. E.g. if you restart the machine. If you don't want that pull out the WAN cable.