IP Alias on CARP IP doesn't work where IP alias above CARP parent in list
I have 300 over IPs in 3 different subnets. I have added 3 different CARP IPs from each subnet. Other IPs on them as IP Alias.
If I want to edit a CARP IP, all of IP Aliases (under this CARP IP) shown as cleared at ifconfig outputs and can't be reach to these IPs a few minutes later. But these IPs shown at list of VIP lists on WebConfigurator.
Updated by Atıf CEYLAN about 8 years ago
I have tested now again and saw that problem resource is if CARP Ip is defined after IP Alias (order priority problem), the carp_status.php gives the below error.
Oct 9 03:51:18 pf php: /carp_status.php: The command '/sbin/ifconfig '' inet '192.168.1.20'/'24' alias' returned exit code '1', the output was 'ifconfig: interface does not exist
Updated by R. S. about 8 years ago
How to reproduce this:
I ran into this bug when I modified a setup pulled in from PFSense 2.0.x that looked like this:
(13 PARP VIPs bound to WAN)
(2 CARP VIPs, LAN and WAN)
(2 PARP VIPs, bound to WAN)
I edited/transformed the PARPs into IPAlias VIPs bound to the CARP WAN gateway, and then had a VIP list that looked like this:
(13 IPAlias VIPs, bound to CARP WANgw)
(2 CARP VIPs, LAN and WAN -- unchanged from 2.0.x)
(2 IPAlias VIPs, bound to CARP WANgw)
The result was that two of my IPaliases worked, and 13 did not bind to the CARP VIP, probably because of the reason Atif mentioned above.
If I create a new CARP alias, it's added at the bottom of the VIP list, so getting all CARP VIP interfaces to work correctly would mean deleting and re-adding all of the IPAlias rules!
So this bug hints at two problems:
1. IPaliases can't be declared before a CARP VIP, which isn't really a problem, because the network stack is working as designed...
2. Order in the PFSense VIP list matters to the IPAlias type (possibly others), and either PFSense should order VIPs properly, or allow the user to do so in the GUI interface. Personally, I'd prefer the former.
Updated by Chris Buechler about 6 years ago
- Subject changed from IP Alias over CARP IP problem to IP Alias on CARP IP doesn't work where IP alias above CARP parent in list
- Category set to Virtual IP Addresses
- Status changed from New to Confirmed
- Affected Version set to All
wouldn't have to re-create everything in that circumstance, could just manually edit the config to change the order. Not a common circumstance, but one that should work.