Netgate XG-7100-1U - Upgrading Pfsense on a High Availability Cluster

To Next Page

To Previous Page

Product ManualXG-7100-1U

2.5.5 Troubleshooting Local Services

DNS Resolution

If local clients are unable to obtain DNS responses from a CARP VIP on the cluster, check the following items:

• If using the default DNS Resolver (unbound), visit Services > DNS Resolver and click Save on the primary to

ensure the default values are fully respected.

• If using either the DNS Resolver or DNS Forwarder, ensure the daemon is conﬁgured to listen on All interfaces

or at least Localhost and the internal CARP VIPs.

• Ensure the local interface ﬁrewall rules pass both TCP and UDP port 53 to the CARP VIPs used for local DNS.

• Ensure the ﬁrewall itself has DNS servers conﬁgured under System > General, especially if using the DNS

Forwarder (dnsmasq) instead of the DNS Resolver (unbound).

DHCP

If the DHCP failover pool status does not reach “normal”, there are a few items to check:

• Ensure both units are connected to the same switch/subnet on the correct interface.

• Verify connectivity between the two units on that interface.

• Ensure the failover peer IP address has been properly conﬁgured

• Ensure that there is a CARP VIP on the interface in question

• Ensure that the CARP VIP on the primary node has a skew of 0 or 1, and the secondary has a skew of 100 or

higher.

• If all else fails:

– Click to stop the DHCP service from Status > Services on both nodes

– Visit Diagnostics > Command Prompt on both nodes

– Run the following command in the Shell Execute box on both nodes: rm /var/dhcpd/var/db/

dhcpd.leases

– Click to start the DHCP service from Status > Services on both nodes

2.6 Upgrading pfSense on a High Availability Cluster

There is more to updating a cluster than the typical process, but in all updating a cluster is much less disruptive as the

users will not have any downtime in most all cases.

If at any point in this procedure a failure condition is encountered, seek assistance from support.

2.6.1 Review the Changelog and Upgrade Guide

Before starting any part of an upgrade, ﬁrst look at the Netgate Blog and release changelogs for any notable changes

or items to be aware of between the version currently in use and the one that will be in use after upgrading.

Common issues are also listed in the upgrade guide, especially for major version upgrades.

2.6. Upgrading pfSense on a High Availability Cluster 64

Other manuals for Netgate XG-7100-1U