On 2012 Mar 07 (Wed) at 15:58:21 +0200 (+0200), Kapetanakis Giannis wrote: :Hi, : :I'm running a setup of Active/backup firewalls with carp/pfsync :successfully for the last year. : :Today I've upgraded the primary firewall to the latest snapshot (12 Feb), :and as soon as the firewall booted it became MASTER before pfsync :bulk transfer completed. : :Mar 7 15:42:04 echidna /bsd: carp: pfsync0 demoted group carp by 1 :to 133 (pfsync bulk start) :Mar 7 15:42:04 echidna /bsd: carp: pfsync0 demoted group pfsync by 1 :to 1 (pfsync bulk start) :Mar 7 15:42:04 echidna /bsd: carp: pfsync0 demoted group carp by -1 :to 128 (pfsyncdev) :Mar 7 15:42:04 echidna /bsd: carp: pfsync0 demoted group pfsync by :-1 to 0 (pfsyncdev) : :At this point carp group is also automatically demoted to 0-zero and :it takes over as MASTER.
Can you show this piece from the logs? Do you have additional logs? How are the interfaces connected, do you have a dedicated link for the pfsync traffic? Can you also share your ruleset? :I manually did ifconfig -g carp carpdemote to force it to SLAVE :in order for pfsync bulk transfer to complete and don't loose active :connections. : :Mar 7 15:46:11 echidna /bsd: carp: pfsync0 demoted group carp by -1 :to 0 (pfsync bulk done) :Mar 7 15:46:11 echidna /bsd: carp: pfsync0 demoted group pfsync by :-1 to 0 (pfsync bulk done) : :Secondary firewall is running 5.0 GENERIC#96 i386 from 21 Nov 2011. :Can it be a mis-communication between the 2 firewalls due different :versions? : :regards, : :Giannis : -- Perfect day for scrubbing the floor and other exciting things.
