On 09/03/2015 10:34, Matthias May wrote:
A CARP address has it's own MAC. The IP alias shares the MAC of it's
parent interface.
Ah, good point.
If you change this while running, your upstream routers/switches will
have the wrong MAC address for your IP cached.
Sending a GARP might help with this.
Or simply wait for the caches to expire. (This "can" take a long time)
If it's a Cisco router upstream, its default ARP timeout is 4 hours :-(
An interesting workaround (untested) might be to keep the CARP interface
on some unused/private IP address, and add the new VIP on the "real" IP
address.
This means your machine should still continue to accept frames on the
old MAC address during the time it takes the upstream router to change
over to the new one. After half a day it should be safe to remove the
CARP interface.
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
