CARP issue?
-
I had a CARPed (for a live backup) version of pfSense2.0.1.
However, it was failing to correctly/smoothly make changes and reported an authentication error - somehow, it had 'lost' the password. So, I VGA accessed the box and set-up the password on the second box correctly - now I can GUI into it and pfSense no longer reports an authentication error when I make a change (to the shared address).
If I go directly into the IP address of each box, then the dashboard looks slightly different and the CARP status section only appears on one box. The two boxes have different DNS readings. That said, CARP says it is working. But, if I go to STATUS - CARP, whilst one says backup and the other master for all the vLans, at the bottom, the 'master' one lists 7 pfSync nodes and the 'backup' 8. Further, if I make a change to an interface name (description), it doesn't seem to copy through.
If I go into editing the CARP settings, on one box there are no entries for pfsync Synchronize Peer IP and Synchronize Config to IP - yet the other box (the 'master') has its own IP entered as pfsync Synchronize Peer IP and the other box in for Synchronize Config to IP .
Is it all correct? I am looking at upgrading to 2.2.2 very soon - but I have heard that CARP doesn't upgrade very well? Should I look at deCARPing?
-
Both boxes should have the pfsync section filled out usine each other's addresses.
The master should have the XMLRPC sync section filled out, sync config to IP points to backup box. No XMLRPC sync settings filled out on backup. -
So, the box that sits at 192.168.2.1 (master) should have 192.168.2.2 (slave) entered into 'pfsync Synchronize Peer IP' and 192.168.2.2 should have 192.168.2.1 entered into this box then?
And, in 'Synchronize Config to IP'under 'Configuration Synchronization Settings (XMLRPC Sync)', 192.168.2.2 should be entered on the master box, with nothing entered on the slave.
I'll do that next time I'm on-Site (as the remote VPN doesn't like 192.168.x.x and just lets me to the shared address of 10.64.0.1
Many thanks.