Feature #16613
closed
Allow using interface subnet macros with interfaces which only contain VIPs
100%
Description
Rules which use interface macros (e.g. OPT1 subnets) are only generated when the interface contains a primary address. If the interface does not have an address assigned but does have a VIP, the rule is omitted from the ruleset.
Files
Updated by Marcos M 2 months ago
- Status changed from In Progress to Feedback
- % Done changed from 0 to 100
Applied in changeset d23a80da4d34ae2317aa3744856e589e84af30fe.
Updated by Alhusein Zawi 2 months ago
When attempting to add a VIP to an interface that does not have a primary IP address, a validation message appears and prevents the VIP from being added.
In my opinion, if an interface does not have a primary IP address, it would be better to remove the interface address and interface subnet (for example, OPT1 address and OPT1 subnets) and then add the VIP subnets instead.
26.03.a.20251231.2004
Updated by Marcos M about 2 months ago
The situation occurs when the WAN is set to DHCP and the interface loses its address (e.g. the DHCP server is unavailable to give a lease). The rule generation needs to account for this when a VIP has already been assigned (while it still had an address).
Updated by Marcos M about 2 months ago
- Plus Target Version changed from 26.03 to 25.11.1
Updated by Jim Pingle about 1 month ago
- Subject changed from Allow using interface subnet macros which only have VIPs to Allow using interface subnet macros with interfaces which only contain VIPs