Hello Chris, Jim and all, Let one HA setup with xxx::2 and xxx::3 as their WAN and xxx::1 defined as CARP. Now let xxx::10 defined as IP alias on parent xxx::1 (the WAN CARP), same prefix length as for the xxx::1.
Clearly for packets coming in for xxx::1 (CARP), the system works as designed (master gets them, backup no). But for packets coming in for xxx::10 alias, the packets randomly reach both systems, just as if we were in the wrong configuration where two hosts have the same IP : whatever switch/router sits in front of WAN interface gets mad. This situation is seen in an ESXi cluster with those systems being 2.3.1 VMs. The 'whatever switch/router' sitting in front of WAN happens to be Cisco 1000v. This is not my equipment, so my investigation capabilities are limited. I'm simply not yet sure if this something bad outside of pfSense or if this is something going wrong with pfSense in the context of IP aliases added with a parent interface being the WAN CARP IP (in IPv6). With IPv4, the equivalent setup (some IP alias on top of the WAN CARP IPv4), I do not see this wrong behavior. This is why I fear a bug in pfSense/freeBSD anyway. If someone could confirm / infirm this, it would prove very helpful. Thanks! -- Meilleures salutations, Met vriendelijke groeten, Best Regards, Olivier Mascia, integral.be/om _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
