Netgate Discussion Forum

    CARP IP is in backup state however it is still answering queries on other VLANs

    • noahajac

      Hello. On my network I use a CARP IP for DNS redundancy. My DNS server is the primary, and if that goes down pfSense will take over the IP and answer requests with Unbound. This worked perfectly until I split my network into VLANs.

      The DNS server is on VLAN20, so that is what I set the interface to in the CARP config on pfSense. The negotiation of master/backup still seems to work perfectly, with pfSense taking the backup state. And if I run dig from another device in VLAN20, the proper DNS server responds.

      The problem is that if I try running dig from, for example, VLAN30 (the firewall is configured to allow connections from VLAN30 to VLAN20), the router's Unbound server answers the query.

      Did I configure something wrong or is there a bug somewhere? Is this intended behavior? The IP is in backup so I don't see why it's responding at all, regardless of the interface.

      Thanks!
