Where are VIP's defined? Not in rc.conf of course :)

MrPete

I need to remove the VIP's on one of my pfSense instances, and do so from the console (NOT the web GUI -- I can't get there until I remove the VIP's!)

Obviously, pfSense does not use the rc system, so rc.conf won't work.

Yet... this information is stored somewhere. Is it a secret?

Pretty please, how do I remove a VIP from the shell?

Thanks!
Pete

johnpoz

@mrpete vips would be stored in the xml. But you can remove any address on any interface with just ifconfig.

Do a ifconfig and you will see the addresses on a interface, be it vip or not - and you can just remove the ones you don't want with ifconfig

MrPete

@johnpoz Thanks!

So strange... searching for freebsd ifconfig man pages and examples, I didn't find any examples of this. However, the man page appears to show the way...

...yep! Simple:

ifconfig inter.face ip.ad.d.r -alias

So in my case,

ifconfig vtnet1.71 192.168.1.1 -alias

MrPete

@mrpete said :

@johnpoz Thanks!

So strange... searching for freebsd ifconfig man pages and examples, I didn't find any examples of this. However, the man page appears to show the way...

...yep! Simple:

ifconfig inter.face ip.ad.d.r -alias

So in my case,
ifconfig vtnet1.71 192.168.1.1 -alias

The interesting thing is: this does NOT remove the VIP definition. Just the current implementation in ifconfig.

So, a warning to others: using ifconfig is a temporary workaround, such as in my situation where I had a bad CARP config, and thus could not plug both pfSense LAN ethernets in at the same time -- they both were wanting the VIP address.

By removing the VIPs from the non-active pfSense, I could reattach, and reconfigure.

serbus

Hello!

Maybe 12 from the console menu and :

pfSsh.php playback disablecarp

disablecarp / enablecarp

These scripts disable and enable CARP high availability functions, and will deactivate CARP type Virtual IP addresses. This action does not persist across reboots.

https://docs.netgate.com/pfsense/en/latest/config/console-menu.html#php-shell-pfsense-tools

John

MrPete

@serbus said in Where are VIP's defined? Not in rc.conf of course :):

pfSsh.php playback disablecarp

Those tools look VERY helpful. Thanks!

stephenw10

Be aware that disabling CARP either there or in the GUI is also temporary. As soon as anything makes a change to the interface config section, or just reloads it, it will be re-enabled.

Steve