if I would like to setup a opnSense HA cluster of two nodes, what is the best practice to setup such an environment.
My preferred approach would be:
- setup the first node IP
- setup the physical interfaces
- setup the link aggregation(s)
- setup the VLANs
- setup the needed services
Now it is unclear for me (and also from the documentation), if I can setup a CARP (HA) with the second and if all these settings will be automatically synchronized to the second node?
Or do I need to resetup all the configurations also for the second node and afterwards to setup the CARP? If the later case is the fact and I need to setup some things redundantly on the second node:
- what are these things, which need to be done manually?
- is there any way to manually export these settings from first/master and to reimport to the second node?
There is a sync button to force syncing all stuff (which is selected in System : HA : Configuration), so no matter if you set up services before of after activating HA. Please know, HA (XMLRPC Sync) and CARP are not the same. XMLRPC only syncs the configuration, CARP is only a protocol to switch IP addresses on nodes, but it uses the HA link to exchange states. I for myself also use just HA Sync for a customer to exchange configuration to a passive standby node on a different DC.