Print Page - Virtual IP and services binding to to it

Title: Virtual IP and services binding to to it
Post by: opn_nwo on July 08, 2021, 03:32:14 PM

I noticed that if I add a virtual IP (alias or CARP) to an interface, services like sshd, lighthttp, undound automatically get bound to the it. Is there a way to prevent that from happing?

Title: Re: Virtual IP and services binding to to it
Post by: franco on July 08, 2021, 08:27:25 PM

There is a PR for this https://github.com/opnsense/core/pull/4554 but making each service aware of this is a maintenance nightmare waiting to happen.

If you raise a feature request on GitHub I know what to do as we spoke about the situation internally: instead of patching each service we would add a marker for each virtual IP entry to not be listed as a possible listening IP when the interface IP addresses are queried for such purposes.

https://github.com/opnsense/core/issues/new?assignees=&labels=&template=feature_request.md&title=

Cheers,
Franco

Title: Re: Virtual IP and services binding to to it
Post by: opn_nwo on July 08, 2021, 10:33:53 PM

Thank you Franco. I just submitted a feature request for it:

https://github.com/opnsense/core/issues/5086

Keeping my fingers crossed :)

Title: Re: Virtual IP and services binding to to it
Post by: franco on July 09, 2021, 07:59:24 AM

Thanks, ticket assigned, but it will take a few weeks with 21.7 release process running in the background at the moment.

Cheers,
Franco

Title: Re: Virtual IP and services binding to to it
Post by: opn_nwo on July 09, 2021, 02:42:16 PM

Thank you, that's awesome! Much appreciated.

OPNsense Forum

Archive => 21.1 Legacy Series => Topic started by: opn_nwo on July 08, 2021, 03:32:14 PM