Bug #5625
closed
CARP VHID auto-incremented ?
0%
Description
- Several pfSense clusters running spanned on an existing ESXi cluster, and using the same subnet for CARP
- A new host was added to the ESXi cluster, which did not have the proper setting for Net.ReversePathFwdCheckPromisc
- One instance of pfSense was moved to said new host
This of course led to CARP going haywire (both nodes in the same cluster reporting BACKUP)
We realized our mistake quickly and set up the Net.ReversePathFwdCheckPromisc to make CARP work.
But then another cluster started acting up, and a tcpdump indicated that we had a VHID conflict.
Even though I initially had set the VHID for this cluster as 1, upon looking back, now the VHID had been incremented to 54, which overlapped with the VHID used by another cluster, bringing that VIP down.
I reckon encountering something similar two years ago, precisely while fumbling around with ESXi configuration for CARP, and stumbled upon it this week again.
Does this behavior ring bells with anyone?
Updated by Stéphane Lapie over 9 years ago
If this behavior is really caused by pfSense, could there be an option to deactivate that auto-increment? (If this is, as I suspect, a way to avoid VHID problems or conflicts)
Updated by Chris Buechler over 9 years ago
- Status changed from New to Not a Bug
- Affected Version deleted (
2.2.5)
you have to take care to not cause conflicts with other CARP systems plus anything running VRRP on the same broadcast domain. Nothing anywhere in our code changes the VHID, someone set it the way you found it. Everything we do in this regard is correct.