Carp Failover - Only one interface doing failover
-
Hi
my pfSense cluster is connected to WAN on one side, and to DMZ & LAN on the other side. WAN, DMZ & LAN are all VIPs so they should do failover. However, when the DMZ interface of the primary node failed, CARP just moved the DMZ VIP to the backup node, LAN and WAN still were active on the primary node,…and that way the DMZ was just,...unreachable. I guess this is not intended, is it?
I can't see what I might configure different right now,...
-
I had the same thing going this weekend. My two-node PFsense cluster has 3 interfaces:
1. WAN connected to internet
2. DMZ
3. LANI was working remote and I wanted to test a failover situation without stopping my primary node, so I disabled my WAN interface on the primary so the backup could become primary. Instantly I lost connection and could not access my LAN anymore. I could connect to the backup (now primary) but not to the LAN (or DMZ). This seems logical as the backup now holds the WAN interface and the primary the other two DMZ and LAN interfaces. Of course no traffic was passed anymore between WAN and LAN/DMZ.
But this can't be the right solution for a failover cluster!!!
In my opinion the only way to solve this is not just have the backup take over the failing interface, but all connected interfaces (as it would when the entire primary node fails)!
Any other suggestions?
-
Anybody please… Developers?
-
Same problem here.
Anybody get this to work other than passthrough the NICs?
ESXi script to shut down the vSwitch if a NIC goes down? -
This doesn't seem a problem with pfSense. Probably a layer 2 issue. I've just set up a CARP failover on pfSense 2.3 (had to enable a couple options regarding MAC address on VMWare) and everything went fine with all interfaces failing over at the same time.
-
Pull the cable on one of the interfaces and tell me if the whole VM fails over.
-
That sounds like the interface stayed up but would not pass traffic any more, either due to something on either interface (primary or secondary) or something in layer 1 (bad pair out but not in maybe) or layer 2. It is not possible for HA to know what to do in that case. Disable CARP on the malfunctioning master or unplug the failed interface / shutdown the switch port and HA will shutdown CARP on all interfaces and swing to the backup.
The answer is more redundancy like LAGG interfaces to stacked switches so traffic will continue to pass in a carrier-up-but-no-traffic-passing situation on one interface.
This image is what I get when I change the VLAN on one interface's switch port so carrier stays up but traffic (including CARP) no longer passes between nodes.
