CARP IP and IP alias

decibel83

Hi.
I have several CARP IP addresses on the same subnet (x.x.x.160/28) on the WAN interface, and to use it on my two pfSense systems I configured x.x.x.161/28 as IP alias on pfsense1 and x.x.x.162/28 on pfsense2.

Now I wish to use these two IP addresses to serve some services, so I am wondering why I also need an IP Alias on the same subnet which is definitively "lost" as I cannot use for real production services as I don't have CARP (and high availability) on it.

Please note that I am using pfSense 2.3.2-RELEASE-p1 (amd64).
On this page https://doc.pfsense.org/index.php/What_are_Virtual_IP_Addresses I read that "CARP VIPs may be in other subnets on pfSense 2.2-RELEASE and later", but if I try to delete my IP alias (x.x.x.161/28) I am getting the following error:

This entry cannot be deleted because it is still referenced by a CARP IP with the description JAIL CARP Address.

But! The JAIL CARP Address is the 192.168.120.6/29, which is not on my x.x.x.160/28 subnet and it's not on the WAN network!

So, where am I wrong? Could you help me please?

dotdash

You don't need an alias to use CARP VIPs in other subnets on recent versions.
You should be fine deleting the alias IPs, as to why you can't, I don't know. Try deleting the jail carp first, then delete the alias, then re-create your jail carp. Perhaps it is incorrectly referencing the alias ip, you could edit the properties and look.