Current image name: R81_996001397_10_07
Current image version: 397

Bit of and odd issue with a brand new 1800 HA Cluster which i wonder if anyone else has seen?.

All works well when left alone but if i log into the web ui on the secondary it seems to trigger packet loss on the internet probes and causes a wobble and a failover event.

2024 May 16 21:01:10 FIREWALLHOSTNAME auth.notice login: [WebUI] Local User 'admin' logged-in to WebUI from '172.16.10.1' as 'Super Admin'
2024 May 16 21:01:11 FIREWALLHOSTNAME daemon.info dnsmasq: reading /etc/resolv.conf
2024 May 16 21:01:11 FIREWALLHOSTNAME daemon.info dnsmasq: using nameserver 217.172.141.44#53
2024 May 16 21:01:11 FIREWALLHOSTNAME daemon.info dnsmasq: using nameserver 8.8.8.8#53
2024 May 16 21:01:11 FIREWALLHOSTNAME daemon.info dnsmasq: read /var/hosts - 17 addresses
2024 May 16 21:01:12 FIREWALLHOSTNAME user.info lua: [Security Settings] A policy change has been applied
2024 May 16 21:01:12 FIREWALLHOSTNAME user.info lua: [Security Settings] High Availability policy change has been applied
2024 May 16 21:01:14 FIREWALLHOSTNAME daemon.info dnsmasq: reading /etc/resolv.conf
2024 May 16 21:01:14 FIREWALLHOSTNAME daemon.info dnsmasq: using nameserver 217.172.141.44#53
2024 May 16 21:01:14 FIREWALLHOSTNAME daemon.info dnsmasq: using nameserver 8.8.8.8#53
2024 May 16 21:01:14 FIREWALLHOSTNAME daemon.info dnsmasq: read /var/hosts - 17 addresses
2024 May 16 21:01:16 FIREWALLHOSTNAME daemon.info dnsmasq: reading /etc/resolv.conf
2024 May 16 21:01:16 FIREWALLHOSTNAME daemon.info dnsmasq: using nameserver 217.172.141.44#53
2024 May 16 21:01:16 FIREWALLHOSTNAME daemon.info dnsmasq: using nameserver 8.8.8.8#53
2024 May 16 21:01:16 FIREWALLHOSTNAME daemon.info dnsmasq: read /var/hosts - 17 addresses
2024 May 16 21:01:28 FIREWALLHOSTNAME user.err cposd: [CPOSD] Error: Could not resolve name for probed server dns.cloudflare.com
2024 May 16 21:01:28 FIREWALLHOSTNAME user.err cposd: [CPOSD] Error: Could not resolve name for probed server dns.opendns.com
2024 May 16 21:01:28 FIREWALLHOSTNAME user.err cposd: [CPOSD] Error: Could not resolve name for probed server dns.cloudflare.com
2024 May 16 21:01:31 FIREWALLHOSTNAME user.err cposd: [CPOSD] Error: Could not resolve name for probed server dns.cloudflare.com
2024 May 16 21:01:31 FIREWALLHOSTNAME user.err cposd: [CPOSD] Error: Could not resolve name for probed server dns.opendns.com
2024 May 16 21:01:31 FIREWALLHOSTNAME user.info cposd: [CPOSD] WAN connection "Internet1": Internet connection probe status has changed to Disconnected. servers: 3, fails: 10, attempts: 30
2024 May 16 21:01:31 FIREWALLHOSTNAME daemon.info dnsmasq: reading /etc/resolv.conf
2024 May 16 21:01:31 FIREWALLHOSTNAME daemon.info dnsmasq: using nameserver 217.172.141.44#53
2024 May 16 21:01:31 FIREWALLHOSTNAME daemon.info dnsmasq: using nameserver 8.8.8.8#53
2024 May 16 21:01:31 FIREWALLHOSTNAME daemon.info dnsmasq: read /var/hosts - 17 addresses
2024 May 16 21:01:58 FIREWALLHOSTNAME user.info cposd: [CPOSD] WAN connection "Internet1": Internet connection probe status has changed to Connected. servers: 3, fails: 9, attempts: 30
2024 May 16 21:03:00 FIREWALLHOSTNAME daemon.info dnsmasq: reading /etc/resolv.conf
2024 May 16 21:03:00 FIREWALLHOSTNAME daemon.info dnsmasq: using nameserver 217.172.141.44#53
2024 May 16 21:03:00 FIREWALLHOSTNAME daemon.info dnsmasq: using nameserver 8.8.8.8#53
2024 May 16 21:03:00 FIREWALLHOSTNAME daemon.info dnsmasq: read /var/hosts - 17 addresses
2024 May 16 21:03:18 FIREWALLHOSTNAME user.err cposd: [CPOSD] Error: Could not resolve name for probed server dns.cloudflare.com
2024 May 16 21:03:18 FIREWALLHOSTNAME user.err cposd: [CPOSD] Error: Could not resolve name for probed server dns.opendns.com
2024 May 16 21:03:21 FIREWALLHOSTNAME user.err cposd: [CPOSD] Error: Could not resolve name for probed server dns.cloudflare.com
2024 May 16 21:03:21 FIREWALLHOSTNAME user.err cposd: [CPOSD] Error: Could not resolve name for probed server dns.opendns.com
2024 May 16 21:03:21 FIREWALLHOSTNAME user.info cposd: [CPOSD] WAN connection "Internet1": Internet connection probe status has changed to Disconnected. servers: 3, fails: 10, attempts: 30
2024 May 16 21:03:21 FIREWALLHOSTNAME daemon.info dnsmasq: reading /etc/resolv.conf
2024 May 16 21:03:21 FIREWALLHOSTNAME daemon.info dnsmasq: using nameserver 217.172.141.44#53
2024 May 16 21:03:21 FIREWALLHOSTNAME daemon.info dnsmasq: using nameserver 8.8.8.8#53
2024 May 16 21:03:21 FIREWALLHOSTNAME daemon.info dnsmasq: read /var/hosts - 17 addresses
2024 May 16 21:03:35 FIREWALLHOSTNAME auth.notice login: [WebUI] Local User 'admin' logged-in to WebUI from '172.16.10.1' as 'Super Admin'
2024 May 16 21:03:39 FIREWALLHOSTNAME daemon.info dnsmasq: reading /etc/resolv.conf
2024 May 16 21:03:39 FIREWALLHOSTNAME daemon.info dnsmasq: using nameserver 217.172.141.44#53
2024 May 16 21:03:39 FIREWALLHOSTNAME daemon.info dnsmasq: using nameserver 8.8.8.8#53
2024 May 16 21:03:39 FIREWALLHOSTNAME daemon.info dnsmasq: read /var/hosts - 17 addresses
2024 May 16 21:03:40 FIREWALLHOSTNAME daemon.info dnsmasq: read /var/hosts - 17 addresses
2024 May 16 21:03:41 FIREWALLHOSTNAME daemon.info dnsmasq: reading /etc/resolv.conf
2024 May 16 21:03:41 FIREWALLHOSTNAME daemon.info dnsmasq: using nameserver 217.172.141.44#53
2024 May 16 21:03:41 FIREWALLHOSTNAME daemon.info dnsmasq: using nameserver 8.8.8.8#53
2024 May 16 21:03:45 FIREWALLHOSTNAME user.info cposd: [CPOSD] WAN connection "Internet1": Internet connection probe status has changed to Connected. servers: 3, fails: 9, attempts: 30
2024 May 16 21:03:46 FIREWALLHOSTNAME user.notice discntd_ctrl: Started...
2024 May 16 21:03:46 FIREWALLHOSTNAME user.notice discntd_ctrl: Called as sender...
2024 May 16 21:03:46 FIREWALLHOSTNAME user.notice discntd_ctrl: File has changed...
2024 May 16 21:03:46 FIREWALLHOSTNAME user.notice discntd_apply: Started...
2024 May 16 21:03:57 FIREWALLHOSTNAME user.notice discntd_apply: Done...
2024 May 16 21:04:19 FIREWALLHOSTNAME user.notice discntd_ctrl: Started...
2024 May 16 21:04:19 FIREWALLHOSTNAME user.notice discntd_ctrl: Called as sender...
2024 May 16 21:04:19 FIREWALLHOSTNAME user.notice discntd_ctrl: File has changed...
2024 May 16 21:04:19 FIREWALLHOSTNAME user.notice discntd_apply: Started...
2024 May 16 21:04:30 FIREWALLHOSTNAME user.notice discntd_apply: Done...

Packet loss aggregations from yesterday correspond with the times i was testing my theory it was caused by the webui.

FIREWALLHOSTNAME> show internet probe-stats
wan1:
server: 8.8.8.8:
time avg[ms] min[ms] max[ms] packet loss[%]
10:00 4.00 3 5 0.08
11:00 4.00 3 5 0.00
12:00 4.06 3 12 10.56
13:00 4.14 4 12 0.00
14:00 4.14 4 13 0.00
15:00 4.17 4 15 0.00
16:00 4.13 4 12 0.00
17:00 4.15 4 16 0.00
18:00 4.14 4 20 6.94
19:00 4.14 4 14 0.16
20:00 4.16 4 15 0.08
21:00 4.13 4 15 2.25
22:00 4.16 4 13 0.00
23:00 4.14 4 10 0.00
00:00 4.11 4 7 0.00