Option to set CARP interfaces to 'maintenance mode', persisting through a reboot so the primary machines stays as backup/inactive
Option to set CARP interfaces to 'maintenance mode', persisting through a reboot so the primary machines stays as backup/inactive.
This is required when there are some problems (possibly with the hardware) and the primary machine needs to be booted and checked again before becoming 'master'. Currently it will take back the master state during reboot even though there might still be problems or some re-configuring to do..
My attempts to provide this option for 2.2 and 2.1 have been rejected. Some discussion there also about it being or not being needed..
https://github.com/pfsense/pfsense/pull/851 and https://github.com/pfsense/pfsense/pull/957
These commits can be installed through 'system patches' package, which will help for maintenance. But remember that wont work with installing a pfSense upgrade.
#1 Updated by Chris Buechler over 5 years ago
It hasn't been rejected because it's not needed (though Ermal said that initially, I know that's not the case from experience, as I noted on pull 851 in more detail) on the second attempt at least, that was because it was against RELENG_2_1 and that's a feature-frozen branch.
Ermal can comment further if needed, but I think your second attempt addressed all his concerns and should be acceptable to merge to master if you can submit another request.
#4 Updated by Trond Vindenes over 5 years ago
Using "2.2-ALPHA (amd64) built on Fri Aug 15 14:31:24 CDT 2014".
When the master exits persistent carp maintenance mode, it still stays as the backup node. Is this by design, or a bug? After I've exited the maintenance mode, I need to press "temporarily disable carp", and then "enable carp" for it to become the master again.
#7 Updated by Pi Ba over 5 years ago
Ok, so to 'fix' the behavior, give master a skew of 1 , slave will sync to 101, and everything will work as it is supposed to be. Or at least that's what i expect, haven't tested it in a while..
As for the proper fix i am not sure if pfSense should simply not allow a skew of 0, and use 1 as a default which would probably be the simplest, or perhaps FreeBSD internals should be fixed to also allow 'setting' the skew back to 0, though i am unsure how big an change that would require.
#8 Updated by Trond Vindenes over 5 years ago
Tried to change skew from 0 to 1, but I might have detected a new bug. I'm unable to change a CARP IP after it has been created. Even just changing the description results in this error message:
The following input errors were detected: This IP address is being used by another interface or VIP.
Dropped all the CARP interfaces, and recreated them with skew set to 1 and 101, and now it works properly. Will test the above some more, and create a new issue.