jaredhendrickson13 / pfsense-api

The missing REST API package for pfSense
https://pfrest.org/
Apache License 2.0

Add VirtualIP will not apply automatically when interface is not wan #68

Open StormYudi opened 3 years ago

StormYudi commented 3 years ago

Hi, thank you for your work. Today I was trying to add a virtual IP via the API. What's different from the past is that the interface is opt3, not the WAN, and then I found it can't be activated:

[screenshot: QQ20210130-155627@2x]

I have to enter the settings of that VIP record and click the 'Save' button, and it becomes active immediately. Is that a bug related to the interface, or is something wrong? I have never met this problem when I was trying to add a VIP on the WAN.

[screenshots: QQ20210130-155636@2x, QQ20210130-155648@2x]

Thanks again !

jaredhendrickson13 commented 3 years ago

Hmm, this is an interesting one. It seems to work for me within a virtualized environment. I'll take a deeper look. Could you provide the ifconfig before and after you manually save the VIP?

StormYudi commented 3 years ago

Thank you for your reply. I tried many times and I found something weird. Because this IP was already bound, I was trying to unbind it and try again. IP: 124.132.136.23, which was bound to VLAN 111 before via the API.

After I deleted it from the VIP list in pfSense, it still exists in ifconfig, not on VLAN 111 but on the WAN, so it is still pingable:

vtnet0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=d00b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWFILTER,VLAN_HWTSO,LINKSTATE>
        ether 7a:66:fb:3b:0e:69
        hwaddr 7a:66:fb:3b:0e:69
        inet6 fe80::7866:fbff:fe3b:e69%vtnet0 prefixlen 64 scopeid 0x1
        inet 119.188.248.195 netmask 0xffffff00 broadcast 119.188.248.255
        inet 119.188.248.140 netmask 0xffffffff broadcast 119.188.248.140
        inet 124.132.136.23 netmask 0xffffffff broadcast 124.132.136.23
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet 10Gbase-T
        status: active
vtnet1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=c00b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO,LINKSTATE>
        ether 46:f9:78:65:0e:5d
        hwaddr 46:f9:78:65:0e:5d
        inet6 fe80::44f9:78ff:fe65:e5d%vtnet1 prefixlen 64 scopeid 0x2
        inet 172.16.1.1 netmask 0xffffff00 broadcast 172.16.1.255
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet 10Gbase-T
        status: active
vtnet2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=c00b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO,LINKSTATE>
        ether f2:25:ea:95:7f:16
        hwaddr f2:25:ea:95:7f:16
        inet6 fe80::f025:eaff:fe95:7f16%vtnet2 prefixlen 64 scopeid 0x3
        inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet 10Gbase-T
        status: active
vtnet3: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=c00b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO,LINKSTATE>
        ether 3e:c1:82:6a:91:26
        hwaddr 3e:c1:82:6a:91:26
        inet6 fe80::3cc1:82ff:fe6a:9126%vtnet3 prefixlen 64 scopeid 0x4
        inet 10.0.1.1 netmask 0xffffff00 broadcast 10.0.1.255
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet 10Gbase-T
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: lo
enc0: flags=0<> metric 0 mtu 1536
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: enc
pfsync0: flags=0<> metric 0 mtu 1500
        groups: pfsync
pflog0: flags=100 metric 0 mtu 33160
        groups: pflog
vtnet0.111: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=80000
        ether 7a:66:fb:3b:0e:69
        inet6 fe80::7866:fbff:fe3b:e69%vtnet0.111 prefixlen 64 scopeid 0x9
        inet 124.132.136.12 netmask 0xffffff00 broadcast 124.132.136.255
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet 10Gbase-T
        status: active
        vlan: 111 vlanpcp: 0 parent interface: vtnet0
        groups: vlan

StormYudi commented 3 years ago

But when I tried to add a fake IP like 1.1.1.1, it existed only on vtnet0.111, not on vtnet0, and after deleting it, it no longer exists.

So I think there is something wrong.

jaredhendrickson13 commented 3 years ago

I've been trying to reproduce this using several different interfaces and interface types but I still can't seem to replicate this behavior simply by adding and removing virtual IPs using the API or UI. However, looking at your ifconfig I think I understand what is happening here. There is a misalignment between your pfSense configuration and the actual interfaces on your system. At some point the virtual IP 124.132.136.23 was applied to vtnet0 which I'm assuming is your WAN interface. For whatever reason the corresponding pfSense configuration does not exist. This likely causes a conflict when you try to add the same 124.132.136.23 IP to a different interface as it is technically already in use.

If my assumption is correct, you should be able to fix this fairly easily. Within pfSense, create the virtual IP 124.132.136.23 on your WAN interface (make sure the IP doesn't exist on any other interface). Then delete that virtual IP after applying it. This should remove the virtual IP's binding to that interface and allow you to use it on your other interface as expected.

Hopefully this helps. Let me know if you find anything else.

Thanks!

StormYudi commented 3 years ago

Thank you for your reply :)

I followed your guide and successfully unbound the IP from pfSense. But after I removed 124.132.136.23 from pfSense and tried to bind it again via the API, it still has some trouble.

I can see that the VIP in the pfSense UI shows it is bound to VLAN111, but ifconfig shows that it has been bound to vtnet0, which is not VLAN111 (opt3: vtnet0.111) as I expected. As I've tried before, if I add a fake IP 1.1.1.1 in the UI and bind it to VLAN111, it only shows on vtnet0.111, not on vtnet0.

UI:

[screenshot: QQ20210205-085731@2x]

ifconfig:

[screenshot: QQ20210205-085844@2x]

Here is my interface configuration; I hope it will help.

  1. Create a VLAN with tag 111.
  2. Create an interface from the VLAN, named vlan111.
  3. Call the API /api/v1/firewall/virtual_ip with { "mode": "ipalias", "interface": "opt3", "subnet": "124.132.136.23", "descr": "VIP:124.132.136.23" }

And if I try to apply it in the UI, it will add the IP to vtnet0.111 while the record on vtnet0 still exists.

Thanks again.
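A drift check for the kind of mismatch this thread is about, added here as an example that is not part of the issue or of the pfsense-api project: it builds the request body from the API call quoted in the steps above, parses FreeBSD ifconfig output (both the usual multi-line form and the flattened form pasted earlier in the issue), and reports whether the VIP actually landed on the expected interface or strayed onto another one, which is the comparison jaredhendrickson13 made by eye. The body fields and the /api/v1/firewall/virtual_ip path come from the issue; the mapping of opt3 to vtnet0.111, the sample ifconfig text (constructed, modelled on the quoted output) and post_vip's transport (authentication headers are supplied by the caller, since the issue does not show them) are assumptions.

```python
"""Compare a pfSense-API virtual IP request with what ifconfig reports.

Example code written for this issue thread, not part of pfsense-api.
"""
import ipaddress
import json
import re
import urllib.request
from typing import Dict, List

# Start of an interface block, e.g. "vtnet0.111: flags=8843<...>". The lookahead
# splits correctly whether ifconfig output keeps its line breaks or has been
# flattened onto one line, as happened when it was pasted into this issue.
_IFACE_START = re.compile(r"(?:^|\s)(?=[A-Za-z0-9_.]+: flags=)")
_IFACE_NAME = re.compile(r"^([A-Za-z0-9_.]+): flags=")
# FreeBSD prints IPv4 masks in hex: "inet 10.0.0.1 netmask 0xffffff00 ...".
_INET = re.compile(r"\binet (\d{1,3}(?:\.\d{1,3}){3}) netmask (0x[0-9a-fA-F]{8})")


def netmask_to_prefixlen(hexmask: str) -> int:
    """0xffffff00 -> 24, 0xffffffff -> 32."""
    return bin(int(hexmask, 16)).count("1")


def parse_ifconfig(text: str) -> Dict[str, List[str]]:
    """Map interface name -> list of 'a.b.c.d/len' IPv4 addresses on it."""
    result: Dict[str, List[str]] = {}
    for chunk in _IFACE_START.split(text):
        m = _IFACE_NAME.match(chunk.strip())
        if not m:
            continue  # leading empty chunk or non-interface text
        result[m.group(1)] = [
            f"{ip}/{netmask_to_prefixlen(mask)}" for ip, mask in _INET.findall(chunk)
        ]
    return result


def find_ip_bindings(text: str, ip: str) -> List[str]:
    """Every interface on which `ip` is currently configured (may be several)."""
    target = ipaddress.ip_address(ip)
    return [
        name for name, addrs in parse_ifconfig(text).items()
        if any(ipaddress.ip_interface(a).ip == target for a in addrs)
    ]


def check_vip_alignment(text: str, ip: str, expected_iface: str) -> dict:
    """Compare the binding pfSense's config claims with what the kernel has."""
    bound_on = find_ip_bindings(text, ip)
    return {
        "ip": ip,
        "expected": expected_iface,
        "bound_on": bound_on,
        "missing_on_expected": expected_iface not in bound_on,
        "stray_interfaces": [i for i in bound_on if i != expected_iface],
        "ok": bound_on == [expected_iface],
    }


def build_vip_request(interface: str, subnet: str, descr: str, mode: str = "ipalias") -> dict:
    """Body for /api/v1/firewall/virtual_ip, with the fields used in this issue."""
    return {"mode": mode, "interface": interface, "subnet": subnet, "descr": descr}


def post_vip(base_url: str, body: dict, headers: dict, timeout: float = 10.0) -> dict:
    """Send the request. Assumption: the caller supplies whatever auth headers
    the installed pfsense-api is configured for. Not exercised offline."""
    req = urllib.request.Request(
        base_url.rstrip("/") + "/api/v1/firewall/virtual_ip",
        data=json.dumps(body).encode(),
        headers={"Content-Type": "application/json", **headers},
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)


# Constructed sample modelled on the ifconfig output quoted in this issue: the
# alias ended up on the parent vtnet0 instead of the VLAN interface vtnet0.111.
SAMPLE_IFCONFIG = """\
vtnet0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
\tether 7a:66:fb:3b:0e:69
\tinet 119.188.248.195 netmask 0xffffff00 broadcast 119.188.248.255
\tinet 124.132.136.23 netmask 0xffffffff broadcast 124.132.136.23
\tmedia: Ethernet 10Gbase-T
\tstatus: active
vtnet0.111: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
\tether 7a:66:fb:3b:0e:69
\tinet 124.132.136.12 netmask 0xffffff00 broadcast 124.132.136.255
\tvlan: 111 vlanpcp: 0 parent interface: vtnet0
"""

if __name__ == "__main__":
    body = build_vip_request("opt3", "124.132.136.23", "VIP:124.132.136.23")
    print("request body:", json.dumps(body))
    # Assumption: pfSense's opt3 is the VLAN interface vtnet0.111.
    print(check_vip_alignment(SAMPLE_IFCONFIG, "124.132.136.23", "vtnet0.111"))
```

In practice you would run `ifconfig` on the firewall (over SSH or via the API's diagnostics if your version exposes it) after the VIP is applied, feed the text to `check_vip_alignment`, and treat `stray_interfaces` being non-empty as the signal that the configuration and the kernel state have diverged, which is exactly the condition that made 124.132.136.23 keep answering pings from the WAN after it had been removed from the VIP list.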