I’m having some difficulties with the HA module as it relates to the floating IP address.
I noticed that although the floating IP becomes available on the active node, and phones register to the system just fine using that address, the default route and link local route do not update to utilize the floating IP as primary. It uses the node IP address as primary instead.
This would create an issue with external firewall static NAT for internet SIP trunks. e.g.
10.1.1.0/24 dev em1 proto kernel scope link src 10.1.1.1
172.29.6.0/24 dev em4 proto kernel scope link src 172.29.6.1
default via 10.1.1.20 dev em1
If I’m forced to use static NATs because PAT + SIP ALG doesn’t work right, that means I’d have to create NATs for 10.1.1.1 and 10.1.1.2, not the floating IP. It would also then create an issue with the Asterisk SIP settings for NAT Public IP, which would have to be updated upon node failover.
Anyone ever encounter this scenario and have suggestions? How can I force the preferred source IP to be the floating IP?
This doesn’t appear to be related to FreePBX, except that it was the way you noticed it. When you use dynamic addresses, you have to make sure that all of your devices are compatible. Asterisk (and hence, FreePBX) supports dynamic addresses for the external IP address in SIP, but you do that using DDNS names and the resulting addresses work.
Your description doesn’t really get me to where I need to be to make any good suggestions. You’re using an HA configuration (which means your phone application is critical) but you don’t even have a static IP address for your network ingress (that seems unusual to me).
This sounds like a job for a PERL script designed to reconfigure your router’s NAT settings when it discovers a failover scenario.
Of course, that doesn’t even begin to cover the ARP caching problems you are going to have if your are trying to change addresses on your network interfaces with some kind of ARP poison.
Does the system work without the HA piece? That would be a good place to start. After that, the rest of your network configuration problem can be addressed one at a time.
Floating in this context is the correct term. In a FreePBX HA cluster, each node has a LAN IP, and there is a third LAN IP that floats between the two and is always bound to the active node. This enables phones to register to the active node without needing to know which node is active.
FYI, I figured it out based on someone else’s post. I do have a static IP (a whole /28 block in fact), with one statically nat’ed for my pbx floating IP address. However, the problem is the NAT doesn’t match if the nodes initiate connectivity from their node IP rather than the floating, which is the case.
The fix is under chan sip settings, Other SIP Settings.
bindaddr =