Yes but you do not want "Synchronize to IP" enabled on the backup unless its syncing to a third machine.
On 2/10/06, Tom Müller-Kortkamp <[EMAIL PROTECTED]> wrote: > And the frist one "Synchronize Enabled" has to be enabled too, so > that CARP-Interfaces got create by pfsense ... > but thats not the Problem ... > > Am 09.02.2006 um 17:06 schrieb Scott Ullrich: > > > That's not correct, you want atleast preemption if the option is > > avaialble. > > > > On 2/9/06, Tom Müller-Kortkamp <[EMAIL PROTECTED]> wrote: > >> All CARP-Settings are disabled on the slave-host ... > >> > >> Am 08.02.2006 um 17:40 schrieb Bill Marquette: > >> > >>> By any chance do you have any of these: > >>> Synchronize rules > >>> Synchronize aliases > >>> Synchronize nat > >>> Synchronize ipsec > >>> Synchronize Wake on Lan > >>> Synchronize Static Routes > >>> Synchronize Load Balancer > >>> Synchronize Virtual IPs > >>> Synchronize traffic shaper > >>> Synchronize DNS Forwarder > >>> Synchronize to IP > >>> > >>> Checked or filled in (especially the Synchronize to IP) on the > >>> secondary? If so, you've got a sync loop. > >>> > >>> --Bill > >>> > >>> > >>> On 2/8/06, Tom Müller-Kortkamp <[EMAIL PROTECTED]> wrote: > >>>> # ps axuw | grep php > >>>> root 39417 57.7 8.4 10540 10236 ?? R 5:30PM 0:07.84 / > >>>> usr/ > >>>> local/bin/php /usr/local/www/xmlrpc.php > >>>> root 39486 0.0 0.5 1464 668 p0 R+ 5:30PM 0:00.01 > >>>> grep php > >>>> > >>>> never heard of "php + console bug", can you explain? I can't > >>>> deactivate console ... > >>>> > >>>> Am 08.02.2006 um 17:09 schrieb Scott Ullrich: > >>>> > >>>>> My backup firewall has a load of 0.00. > >>>>> > >>>>> Login to it and do a ps awux | grep php. I bet the php + > >>>>> console bug > >>>>> is biting you. > >>>>> > >>>>> On 2/8/06, Tom Müller-Kortkamp <[EMAIL PROTECTED]> wrote: > >>>>>> with a advskew >= 100, but I have a WRAP as failover FW and it > >>>>>> has a > >>>>>> load > 2 > >>>>>> is there a way to reduce the Updates send by the master? > >>>>>> > >>>>>> last pid: 77078; load averages: 2.22, 2.29, > >>>>>> 2.22 up 1+17:14:11 > >>>>>> 08:46:56 > >>>>>> 34 processes: 2 running, 32 sleeping > >>>>>> CPU states: 58.5% user, 6.2% nice, 10.1% system, 2.7% > >>>>>> interrupt, > >>>>>> 22.5% idle > >>>>>> Mem: 19M Active, 7832K Inact, 15M Wired, 52K Cache, 12M Buf, 75M > >>>>>> Free > >>>>>> > >>>>>> Am 07.02.2006 um 21:32 schrieb Holger Bauer: > >>>>>> > >>>>>>> It's intended to sync to backup with an advskey +100 to make it > >>>>>>> automatically the failovernode. Do you have DHCP at your > >>>>>>> interfaces? CARP and DHCP won't work together. > >>>>>>> > >>>>>>> Holger > >>>>>>> > >>>>>>>> -----Original Message----- > >>>>>>>> From: Jure Pecar [mailto:[EMAIL PROTECTED] > >>>>>>>> Sent: Tuesday, February 07, 2006 7:36 PM > >>>>>>>> To: support@pfsense.com > >>>>>>>> Subject: [pfSense Support] carp, still ... > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> I'm now running 2-5-06 snapshot and I'm still confused about > >>>>>>>> carp. Either I understand it tottaly wrong or something is > >>>>>>>> seriously broken. > >>>>>>>> > >>>>>>>> I have two machines and I want to have the more powerful one > >>>>>>>> as carp master. The weaker one should be taking over only > >>>>>>>> when master goes down. As I understand carp, I am able to > >>>>>>>> achieve this by setting smaller advskew on master than on > >>>>>>>> backup. > >>>>>>>> > >>>>>>>> So here I have 4 carp interfaces, playing roles of wan and a > >>>>>>>> couple of vlans for lan, dmz and so on. They are configured > >>>>>>>> under virtual IPs tab and have advertising frequency set to 0 > >>>>>>>> on master and 100 on backup. As I understand things, this > >>>>>>>> shoud do what > >>>>>>>> I want. But, after a clean reboot, I get this: > >>>>>>>> > >>>>>>>> on master: > >>>>>>>> # ifconfig -a |grep carp > >>>>>>>> carp0: flags=49<UP,LOOPBACK,RUNNING> mtu 1500 > >>>>>>>> carp: MASTER vhid 1 advbase 1 advskew 0 > >>>>>>>> carp1: flags=8<LOOPBACK> mtu 1500 > >>>>>>>> carp: INIT vhid 2 advbase 1 advskew 0 > >>>>>>>> carp2: flags=8<LOOPBACK> mtu 1500 > >>>>>>>> carp: INIT vhid 3 advbase 1 advskew 0 > >>>>>>>> carp3: flags=8<LOOPBACK> mtu 1500 > >>>>>>>> carp: INIT vhid 4 advbase 1 advskew 0 > >>>>>>>> > >>>>>>>> on backup: > >>>>>>>> # ifconfig -a |grep carp > >>>>>>>> carp0: flags=49<UP,LOOPBACK,RUNNING> mtu 1500 > >>>>>>>> carp: MASTER vhid 1 advbase 1 advskew 100 > >>>>>>>> carp1: flags=49<UP,LOOPBACK,RUNNING> mtu 1500 > >>>>>>>> carp: MASTER vhid 2 advbase 1 advskew 100 > >>>>>>>> carp2: flags=49<UP,LOOPBACK,RUNNING> mtu 1500 > >>>>>>>> carp: MASTER vhid 3 advbase 1 advskew 100 > >>>>>>>> carp3: flags=49<UP,LOOPBACK,RUNNING> mtu 1500 > >>>>>>>> carp: MASTER vhid 4 advbase 1 advskew 100 > >>>>>>>> > >>>>>>>> > >>>>>>>> So ... what exactly is going on here with master? Why does it > >>>>>>>> not go past init? And how can two machines with different > >>>>>>>> advskew be both masters? > >>>>>>>> > >>>>>>>> Sysctl -a | grep carp shows net.inet.carp.suppress_preempt: 3 > >>>>>>>> on master and 0 on backup. So ther IS something going on. > >>>>>>>> > >>>>>>>> There are a couple of arp_rtrequest: bad gateway <ip> > >>>>>>>> (!AF_LINK) entries in dmesg, where <ip> is always an ip of > >>>>>>>> carp interface. Is this really just a cosmetic issue? > >>>>>>>> > >>>>>>>> If I disable carp on backup and manually ifconfig down; > >>>>>>>> ifconfig up every carp interface in INIT on master, it > >>>>>>>> becomes master as it should, with advskew 0: > >>>>>>>> > >>>>>>>> # ifconfig -a | grep carp > >>>>>>>> carp0: flags=49<UP,LOOPBACK,RUNNING> mtu 1500 > >>>>>>>> carp: MASTER vhid 1 advbase 1 advskew 0 > >>>>>>>> carp1: flags=49<UP,LOOPBACK,RUNNING> mtu 1500 > >>>>>>>> carp: MASTER vhid 2 advbase 1 advskew 0 > >>>>>>>> carp2: flags=49<UP,LOOPBACK,RUNNING> mtu 1500 > >>>>>>>> carp: MASTER vhid 3 advbase 1 advskew 0 > >>>>>>>> carp3: flags=49<UP,LOOPBACK,RUNNING> mtu 1500 > >>>>>>>> carp: MASTER vhid 4 advbase 1 advskew 0 > >>>>>>>> > >>>>>>>> But then I enable carp on backup, and I get this shit again: > >>>>>>>> > >>>>>>>> on master: > >>>>>>>> # ifconfig -a | grep carp > >>>>>>>> carp0: flags=49<UP,LOOPBACK,RUNNING> mtu 1500 > >>>>>>>> carp: MASTER vhid 1 advbase 1 advskew 0 > >>>>>>>> carp1: flags=49<UP,LOOPBACK,RUNNING> mtu 1500 > >>>>>>>> carp: BACKUP vhid 2 advbase 1 advskew 0 > >>>>>>>> carp2: flags=49<UP,LOOPBACK,RUNNING> mtu 1500 > >>>>>>>> carp: BACKUP vhid 3 advbase 1 advskew 0 > >>>>>>>> carp3: flags=49<UP,LOOPBACK,RUNNING> mtu 1500 > >>>>>>>> carp: BACKUP vhid 4 advbase 1 advskew 0 > >>>>>>>> > >>>>>>>> on backup: > >>>>>>>> # ifconfig -a | grep carp > >>>>>>>> carp0: flags=49<UP,LOOPBACK,RUNNING> mtu 1500 > >>>>>>>> carp: MASTER vhid 1 advbase 1 advskew 100 > >>>>>>>> carp1: flags=49<UP,LOOPBACK,RUNNING> mtu 1500 > >>>>>>>> carp: MASTER vhid 2 advbase 1 advskew 100 > >>>>>>>> carp2: flags=49<UP,LOOPBACK,RUNNING> mtu 1500 > >>>>>>>> carp: MASTER vhid 3 advbase 1 advskew 100 > >>>>>>>> carp3: flags=49<UP,LOOPBACK,RUNNING> mtu 1500 > >>>>>>>> carp: MASTER vhid 4 advbase 1 advskew 100 > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> Also, if I have enabled "Virtual IP synchronisation" under > >>>>>>>> carp settings and change advskew from 0 to 1 on master, it > >>>>>>>> becomes 101 on backup. I have a feeling that advskew setting > >>>>>>>> should be excluded from synchronizing ... > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> -- > >>>>>>>> > >>>>>>>> Jure Pecar > >>>>>>>> http://jure.pecar.org > >>>>>>>> > >>>>>>>> > >>>>>>>> --------------------------------------------------------------- > >>>>>>>> -- > >>>>>>>> -- > >>>>>>>> -- > >>>>>>>> To unsubscribe, e-mail: [EMAIL PROTECTED] > >>>>>>>> For additional commands, e-mail: [EMAIL PROTECTED] > >>>>>>>> > >>>>>>>> > >>>>>>> > >>>>>>> ____________ > >>>>>>> Virus checked by G DATA AntiVirusKit > >>>>>>> > >>>>>> > >>>>>> -- > >>>>>> kommunity GmbH & Co.KG > >>>>>> Tom Müller-Kortkamp > >>>>>> Netzwerke & Internet > >>>>>> Goseriede 4 > >>>>>> D-30159 Hannover > >>>>>> > >>>>>> Phone +49 (0)5 11 - 80 72 58 0 > >>>>>> Fax +49 (0)5 11 - 80 72 58 10 > >>>>>> http://www.kommunity.net > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>> > >>>>> ------------------------------------------------------------------ > >>>>> -- > >>>>> - > >>>>> To unsubscribe, e-mail: [EMAIL PROTECTED] > >>>>> For additional commands, e-mail: [EMAIL PROTECTED] > >>>>> > >>>> > >>>> -- > >>>> kommunity GmbH & Co.KG > >>>> Tom Müller-Kortkamp > >>>> Netzwerke & Internet > >>>> Goseriede 4 > >>>> D-30159 Hannover > >>>> > >>>> Phone +49 (0)5 11 - 80 72 58 0 > >>>> Fax +49 (0)5 11 - 80 72 58 10 > >>>> http://www.kommunity.net > >>>> > >>>> > >>>> > >>>> > >>>> > >>> > >>> -------------------------------------------------------------------- > >>> - > >>> To unsubscribe, e-mail: [EMAIL PROTECTED] > >>> For additional commands, e-mail: [EMAIL PROTECTED] > >>> > >> > >> -- > >> kommunity GmbH & Co.KG > >> Tom Müller-Kortkamp > >> Netzwerke & Internet > >> Goseriede 4 > >> D-30159 Hannover > >> > >> Phone +49 (0)5 11 - 80 72 58 0 > >> Fax +49 (0)5 11 - 80 72 58 10 > >> http://www.kommunity.net > >> > >> > >> > >> > >> > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > -- > kommunity GmbH & Co.KG > Tom Müller-Kortkamp > Netzwerke & Internet > Goseriede 4 > D-30159 Hannover > > Phone +49 (0)5 11 - 80 72 58 0 > Fax +49 (0)5 11 - 80 72 58 10 > http://www.kommunity.net > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]