next »

[JeffSmart]

I discovered today that if you have created your interfaces on a CARP Backup pfSense firewall "in a different order than your primary firewall", than during XMLRPC syncronization I had two interfaces updated with another interface's rules.  The syncing even stopped after the SYNC interface rules on the Backup firewall were replaced with WAN2 rules.

I am using 2.0-RC1 (i386) built Mar 3 02:31:32 EST 2011 on both firewalls. I have 5 NIC's assigned as WAN1, LAN, WAN2, SYNC, WLAN on both firewalls.

Initially I could see the list of interface name tabs at the top of the Dashboard -> Firewall Rules were in a different order between Master and Backup firewalls.  At a hunch, I reversed the effected two physical interface NICs, Interface Names and IP/masks and applied the settings, repaired the wrong rule for SYNC interface and syncronization worked perfectly and the correct rules per interface were updated on the backup firewall. A pair of happy pfSense pups !
I expect there must be some stray hard coding linking the original OPT1, 2, 3 interface assignment rather than the user assigned Interface named ?

Again, many thanks guys for a brilliant tool !

[jimp]

CARP systems must have an identical set of interfaces in the exact same order.

That has always been the case.