Added a VIP on LAN, can't ping it (same subnet)



  • I need to have two internal IP addresses (on the same subnet) that can both be used as a gateway by internal machines on that same network.  So my pfSense box has one of the IPs, and I added a virtual IP for the second one, on the LAN interface.  But I can't ping it, and I doubt I can use it as a gateway then.

    Is this doable?  In case you want to know why I need this - we are switching over to a different internal gateway IP, but rather than change all the machines at once (the machines that use this gateway), we'd like to be able to switch over whenever is good for that particular client.  Once they are all switched over, I'll drop the virtual 2nd internal IP.



  • I'm guessing you added a proxy-arp? It Should work- why don't you try changing the GW on a PC? If you need it to be pingable, use a CARP VIP instead.



  • @dotdash:

    I'm guessing you added a proxy-arp? It Should work- why don't you try changing the GW on a PC? If you need it to be pingable, use a CARP VIP instead.

    Yes it was a Proxy-arp address.  I did try changing my gateway just now - and it did work.  I just assumed it wasn't working because I couldn't ping it.

    But when I do a traceroute I don't see it hitting the 2nd IP, the first hop is the primary IP.  Does that sound right?



  • You cannot ping Proxy type VIP's.
    Only CARP type VIPs.
    http://forum.pfsense.org/index.php/topic,7001.0.html


Log in to reply