2.3 upgrade. IP Aliases on CARP not being removed (solved. Not a problem)
-
*** Solved. During the upgrade the interface was kept as an invalid wan_vip1 so i opened and saved it to fix that problem but in doing so i didnt realize it was now assigned to the WAN interface instead of the CARP IP.
I upgraded a secondary pfsense firewall in a HA primary/secondary failover setup. I have CARP setup for all networks (except sync) and when I temporarily disable carp on the secondary firewall on the CARP status screen, The CARP IP gets removed from the interface on the secondary firewall but the IP Aliases do not. This leaves both firewalls showing the IPs of the IP Aliases assigned to the CARP interface on the WAN. The CARP IP does get removed from the secondary but it doesn't take the IP Aliases down with it.
The status on the secondary running 2.3 shows the DISABLED for all interfaces. The status on the primary firewall shows MASTER status.
Notice below that the CARP IP which is xxx.xxx.xxx.164 does get removed from the secondary but the IP Aliases stay up on the secondary. The IP Aliases should have been removed too.
Keep in mind that the primary is still on 2.1.5 version of pfsense where CARP and IP Aliases are put on a separate interface. I am testing the secondary to make sure there are no issues before upgrading the primary.
PRIMARY FIREWALL (2.1.5) igb0: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500 options=400bb <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,jumbo_mtu,vlan_hwcsum,vlan_hwtso>ether xx:xx:xx:3b:c1:90 inet xxx.xxx.xxx.165 netmask 0xffffffe0 broadcast xxx.xxx.xxx.191 inet6 fe80::92e2:baff:fe3b:c190%igb0 prefixlen 64 scopeid 0x1 nd6 options=1 <performnud>media: Ethernet autoselect (1000baseT <full-duplex>) status: active wan_vip1: flags=49 <up,loopback,running>metric 0 mtu 1500 inet xxx.xxx.xxx.164 netmask 0xffffffe0 inet xxx.xxx.xxx.167 netmask 0xffffffe0 inet xxx.xxx.xxx.168 netmask 0xffffffe0 inet xxx.xxx.xxx.169 netmask 0xffffffe0 inet xxx.xxx.xxx.170 netmask 0xffffffe0 inet xxx.xxx.xxx.171 netmask 0xffffffe0 inet xxx.xxx.xxx.172 netmask 0xffffffe0 inet xxx.xxx.xxx.188 netmask 0xffffffe0 carp: MASTER vhid 1 advbase 1 advskew 0 SECONDARY FIREWALL (2.3): igb0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500 options=400bb <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,jumbo_mtu,vlan_hwcsum,vlan_hwtso>ether xx:xx:xx:39:63:98 inet6 fe80::92e2:baff:fe39:6398%igb0 prefixlen 64 scopeid 0x1 inet xxx.xxx.xxx.166 netmask 0xffffffe0 broadcast xxx.xxx.xxx.191 inet xxx.xxx.xxx.167 netmask 0xffffffe0 broadcast xxx.xxx.xxx.191 inet xxx.xxx.xxx.168 netmask 0xffffffe0 broadcast xxx.xxx.xxx.191 inet xxx.xxx.xxx.169 netmask 0xffffffe0 broadcast xxx.xxx.xxx.191 inet xxx.xxx.xxx.170 netmask 0xffffffe0 broadcast xxx.xxx.xxx.191 inet xxx.xxx.xxx.171 netmask 0xffffffe0 broadcast xxx.xxx.xxx.191 inet xxx.xxx.xxx.172 netmask 0xffffffe0 broadcast xxx.xxx.xxx.191 inet xxx.xxx.xxx.188 netmask 0xffffffe0 broadcast xxx.xxx.xxx.191 nd6 options=21 <performnud,auto_linklocal>media: Ethernet autoselect (1000baseT <full-duplex>) status: active</full-duplex></performnud,auto_linklocal></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,jumbo_mtu,vlan_hwcsum,vlan_hwtso></up,broadcast,running,simplex,multicast></up,loopback,running></full-duplex></performnud></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,jumbo_mtu,vlan_hwcsum,vlan_hwtso></up,broadcast,running,promisc,simplex,multicast>