CARP not syncing "Virtual IPs"

  • The Virtual IPs are not syncing to the backup firewall when additions or changes are made.
    In the High Availability Section, "Synchronize Virtual IPs" is checked.

    Contrary to what I have read about similar issue, adding and editing other rules does not add or update the virtual IPs on the backup.
    Performing a reboot on the Primary and Backup also does not update the backup.

    Manually adding the Virtual IPs to the backup works fine and are retained through reboots and other updates.

    If this has already been addressed, please provide info or link to the fix.
    Otherwise I believe this should be elevated to a bug.

  • Probably not a bug. Please review the basics:
    If you still have problems, please give details of your setup and any sync errors you are seeing in the logs.

  • You're adding a type of VIP that can't sync or it'll cause an IP conflict (IP alias not on a CARP parent, or proxy ARP), so you're probably seriously screwing up your network adding them to both.

  • @cmb:

    IP alias not on a CARP parent

    Thank you cmb, I see the error. I was adding the IP Alias to the "WAN interface" rather than the "WAN Carp interface".
    It really wasn't' that obvious when adding the IP Aliases since the default drop down value was already displaying WAN as a selectable item.
    Once I clicked to see the full list of choices the error was obvious.

    I had of course read and used the document dotdash refered to as a reference but since it isn't current and contains errors it isn't a document I would refer anyone to.
    FYI, the LAN ip addresses in the text portion don't correctly reference the ip's in the drawing.  To new people this can be confusing as it was to me at first.
    If the page ever gets updated (which I assume it will to add the new features of 2.2), maybe it wouldn't hurt to mention that additional IP Alias need to be added to the WAN CARP IP.

    Thanks for your time, much appreciated.

Log in to reply