VIP understanding and Firewall Rules

[ColeTrain]

I currently have two PiHoles on two servers.  I set up KeepaliveD so there is a master and slave, as a failover system.  In the config of KeepaliveD the VIP is stated.  I also added the VIP to the OPNsense interface.

When I do firewall rules, do I just add the two server IP's or do I need to include the VIP?

I guess I am trying to understand how a VIP works, the documentation is not helping, and I cant find anything else on it.  I am not doing CARP or anything, and that is the type of googling I keep finding, like a VIP for HA, with CARP involving the WAN and everything.  I just need an internal LAN VIP.

I have done something wrong, I can ping the VIP and shut down a server, and I see failover and it go back to pinging, but when I shut down the 2nd server, it just keeps pinging!   And its similar for the PIHoles.  If I shut down both piholes, the DNS still works on the PC.

[bartjsmit]

DNS still works on the PC.

DNS is a caching protocol. You need to clear the client cache or resolve a name you haven't resolved recently, e.g. www.femlinkpacific.org.fj (apologies for assuming if you're in fact a woman in the pacific).

Bart...