IPs disappearing from Alias table

larslindnilsson

We are having a Host(s) alias we are using in a firewall rule. The alias consists of two FQDNs and two static IPs. The FQDNs are for two specific computers on the network. The FQDNs are normally resolved to the computers' IP on the LAN (10.1.x.x). The two static IPs are assigned to the two computers when connecting through OpenVPN (using Client Specific Overrides).

computer1.example.com
computer2.example.com
10.8.0.240
10.8.0.241

We often experience that one of the static IPs disappears from the Alias (when checking under Diagnostics / Tables)

The FQDNs can sometimes be resolved to one of the static IPs (since OpenVPN sends updates to the internal DNS server), and I'm suspecting that this is what triggers the problem. But when the computer gets back on the LAN, it seems that the 10.8.0.x IP disappears from the Alias, even though it's a static entry.

I have also tried to create two separate aliases for the FQDNs and the IPs and then create an alias including the two sub-aliases. And here I see that the sub-aliases looks correct (two IPs in each), but the joined alias is missing one of the static IPs.

Is there something I have misunderstood regarding how aliases should work?

We are running pfSense Plus 23.09.1, but the problem also existed on 23.05.1 (and possibly earlier versions)

Patch

Notice the same behaviour
It appears an alias containing two FQDN which resolve to the same IPv4 address are not included in the table at all about 50% of the time.

Tested in pfsense v2.7.2