Adding NIC to an existing CARP cluster

  • Hi,

    First of all, thank you. I've been using pfSense for a few years now, it is a great tech and I have often found valued information in this forum.

    I got a pfSense cluster (2.3.1) with a bunch of CARP virtual ips on different interfaces and it is working well: it fails over to the slave instance in case of outage or maintenance mode, and fails back to the master when it goes online again.

    Now, I am trying to add a new NIC to each server. I tried two scenarios:

    1. Shut down of the slave
    2. Add the NIC to the slave
    3. Start the slave
    4. Enter maintenance mode on master –> vip won't move to the slave (even if the new NIC is not assigned).


    1. Enter maintenance mode on master --> vip move to the slave
    2. Shut down of the master
    3. Add the NIC to the master
    4. Start the master --> vip won't move back to the master (even if the new NIC is not assigned).

    None of these actually work but I can't figure out exactly why adding an unused controller disrupts the CARP configuration?

    Besides, if I shut down both server to add simultaneously the new NIC on both server, all vip come in a MASTER-MASTER state when restarting the servers.  Any idea where I should look? (can't find anything useful in the system logs).

  • LAYER 8 Netgate

    Where is the new NIC appearing in the interface naming scheme?

    For instance, if you have igb0, igb1, igb2, and igb3 then shut down, add the NIC and restart, are all of those unchanged or does the new NIC insert itself somewhere in there? If the new NIC is not of the same type (igb in this example) the order should not matter. If it is the same type, it might matter a lot.

  • Sorry, I have been away for some times.
    –> First option: I got vmx0, vmx1, vmx2 and vmx3. After adding the new NIC, it appears as vmx4 and the existing NIC remain unchanged.

    Edit: I tried adding a different type of NIC (E1000 instead of VMXNET3) and both scenario worked. So I guess you are right, it is somehow related to the interface naming scheme.

Log in to reply