[RESOLVED] CARP - Interface specified for the virtual IP address x.x.x.x does not exist. Skipping this VIP.

  • Hello all

    I have a pair of pfSense sync'ed, each with :
    one physical WAN, connected to ISP router through a L2 switch
    one physical internal network (holding 6 VLAN) connected to an internal switching architecture (multi-VLAN)
    (synchro done through one of the VLAN, ID 999)

    All interfaces share CARP adresses :
    1 CARP for WAN (master .251, backup .252, VIP .254, VHID=1)
    1 for 1rst VLAN (master .251, backup .252, VIP .254, VHID=2)
    1 for 2nd VLAN (master .251, backup .252, VIP .254, VHID=3)
    and so on...

    Recently I created a new physical WAN2 (assigned OPT7) for a second ISP.
    Notice : WAN & WAN2 interfaces are connected to the same L2 switch (pure L2 switching), as well as the two ISP routers

    I set the WAN2 interface on each pfsense, put IP adresses (.251 & .252) then generate a CARP VIP on pfSense #1 (.254, VHID=7) and wait for the configuration to sync on the second.

    pfSense #2 generates automatically a reference, but connects it to WAN interface (it should be WAN2) !
    I then get errors :
    Interface specified for the virtual IP address x.x.x.254 does not exist. Skipping this VIP.
    so I edit the CARP entry on pfSense #2, and change the interface to WAN2
    -> OK for a while, but some actions (reboot, filter reload, ...) seem to break this and I need to reset the interface to WAN2.

    Before I try to physically separate WAN & WAN2 interfaces, do you have any advice ?

  • Rebel Alliance Developer Netgate

    Are you absolutely certain the interface IDs are identical on both nodes? It sounds like they are not the same. Your symptoms resemble what would happen if the interfaces are not assigned in an identical order on both nodes. For example, on the primary node, WAN2 may be OPT7 but on the secondary node, it's a different OPTx number.

    You may have to download a config backup from both units and compare the interfaces sections between them.

  • @jimp
    Yes interface IDs are different : OPT7 on #1 and OPT6 on #2
    (#1 has an IPv6 tunnel defined).
    But IP adresses are correct, as well as VHID.

    What I can't understand is why it accepts to sync when I modify manually the CARP interface on #2 (from WAN -> WAN2)
    and also why #2 sometimes switches back to interface WAN (ID = WAN)

    Well, I will try to remove the v6 tunnel and be sure that both use the same OPTx
    I'll keep you informed.

  • @f-meunier
    Seems better !
    I'll let you know
    That works.
    Thanks for the help.
    Have a nice day

Log in to reply