Unbound CARP problem
-
I've upgraded my HA secondary (KVM) to 2.3 BETA, just as a quick test for my configuration and disabled CARP on my Primary HA member (2.2.6).
DNS would not work anymore.
There seems to be a bug with CARP IPs and Unbound. I have 4 CARP IPs (residing on LAN (lan), WAN1 (wan), WAN2 (opt2), DMZ (opt1)) and Unbound only offers the DMZ CARP IP to listen on. The others are not selectable/shown. In 2.2.6 they show up fine. Maybe a bug in the parser?Also, Zabbix-agent configuration didn't survive the upgrade. It seems the package got renamed and the config is gone because of that?
-
Just noticed that it's not just Unbound. NTP config is also missing 3 of my 4 CARP IPs.
-
Known issue, can be worked around. IIRC you can work around it by editing and saving the CARP VIPs.
https://redmine.pfsense.org/issues/5441
https://redmine.pfsense.org/issues/4858 -
So, if I get this right, my CARP config is missing those uniqid entries.
If I add a new CARP IP, the config shows something like:<uniqid>569dc42e35bb1</uniqid>
If I just edit a CARP alias and save again, all it gets is:
That does not seem to be enough for CARP to show up in Unbound/NTP.
Are these uniqid numbers random? Can I just make some up, edit the config XML and reboot the primary HA member?
-
They are randomized but follow a pattern, you can generate one with PHP's uniqid() function
-
This is now fixed.
2.3 was missing the upgrade code to cope with CARP changes.
The upgrade process was reviewed and fixed.