Surprisingly, the VRRP failover to slave is not triggered by all WAN links being in health check failed ( ).
My request is simple, to add it as a trigger element to swap between master/slave.
I have a ticket open and Iâll get a special firmware to support it but I was really surprised about that, I think others need to know. It is always advertised as âif WAN is Disconnectedâ, meaning that the ethernet port is âlink downâ but in many scenarios with switches, port will stay up !
WAN health check failure shouldnât trigger the HA failover based on the design. Do allow me to explain this. WAN health check failure is due to the WAN interface failed to contact the health check target (e.g. 8.8.8.8). Normally, this is caused by the WAN connection (WAN link). For example, when WAN1 of the master device failed to contact 8.8.8.8, the slave device will face the same problem even the HA failover is triggered (since the master and slave are connected to the same WAN link). So, from the design point of view, there is no point to trigger failover when the WAN health check failure.
Anyway, maybe you have a special used case of this. Can you help to elaborate more of your used case?
Switch port of the master can be faulty, configuration of the switch or firewall can have issues for the master, lines behind master and slave can be different ( to avoid lightning damaging both master and slave) ⊠Master could be a fixed WAN only (balance) and slave a full wireless WAN (HD2 dome) âŠ
I see many reasons to have different WANs behaviour and a failover trigger.
HA failover will be triggered for the situation above since the slave device failed to receive VRRP hello packet from the master device.
We wish to know more about this deployment. This used case may help for the feature development. Any reason the WAN link for master and slave devices is different? Both master and slave devices are not next to each other?
Hello,
I canât remember the state of the link in the GUI.
But, Iâm sure that NO WAN Cable were plugged into to the device.
I plugged this device to the network (LAN interface ONLY, the device was configured with HA master priority), and even if NO WAN cables were plugged, the device takeover⊠In my point of view, the device should stay in Slave state because no WAN cabled were pluggedâŠ
Configuration issue that could cause a complete isolation of the site. Only way to recover would have been to poweroff the master. Switch ports were up, no failover triggered.
@TK_Liew was this ever included in any special builds and if so would it be posible to get access to these. We have a customer who has found that they are vulnerable to this failure mode on a dozen sites where they have implemented VRRP and they are really keen to get a solution to fix this.
@MartinLangmaid@James_Webster5240 please submit a ticket and attention it to me if you have a POC or on going project after having a discussion with engineering team. Please let me know your use case. Thanks.
).
