pfSense

Hello,

When we use GW group with CARP VIP selected in HA cluster , the IP selected by the GW group is not used in Dynamic DNS as it was before in 24.11 (we did an upgrade 24.11 => 25.07.1 from the gui).

The physical ip of the interface of the active HA member is used instead.

We are impacted by this because we need dyndns to track the right IP for openvpn client to land and the right IP (we have multiple openvpn instance on the pfsense listing to differents GW groups with differents VIP)
Right now we have 2 pfsense in HA with 3 wan and 7 public vip in IPv4
We did not check if it is the same in IPv6.

Example :

You have two wan (wan1 and wan2) in a HA cluster pf-a(master) and pf-b(secondary)
pf-a.wan1 : 192.168.1.1
pf-b.wan1 : 192.168.1.2
wan1 carp vip 192.168.1.3

pf-a.wan2 : 192.168.2.1
pf-b.wan2 : 192.168.2.2
wan2 carp vip 192.168.2.3

GW group GW_VPN is configured as such :

WAN1 tier 1 (192.168.1.3)
WAN2 tier 2 (192.168.2.3)

OpenVPN : listening on GW_VPN

pf-a.wan1 is selected right now

Expected behaviour :
Openvpn ip : 192.168.1.3
Dynamic DNS ip : 192.168.1.3

Observed behaviour in our case:
Openvpn ip : 192.168.1.3
Dynamic DNS ip : 192.168.1.1

If you want to debug this with us, I would be more than happy to free some time to help you with this.

Kind regards,
Arthur Besnard