SOLVED? Keepalived virtual IPs on RED

erikvl · 14 November 2019 16:07

Hi,

I have been evaluating keepalived on IpFire for a while now and there is just one thing that I haven’t been able to solve yet.

The virtual IPs I have added to the RED interface don’t show up as targets in on the firewall rules page. Not really a surprise, because they haven’t been “officially” announced to the IpFire configuration system.

Adding them as aliases doesn’t seem to be a solution either, because even though that would make them show up in the interface, it would also add them as fixed aliases.

Is there a work-around to solve this? Or will this require an addition to IpFire? Maybe by adding the option to define aliases without actually adding the IPs to RED?

I suppose I could add the rules inf firewall.local, but it would be better to be able to see and manipulate them in the web interface.

ms · 14 November 2019 16:38

Hi,

I am not aware of an easy workaround for this unfortunately.

erikvl · 14 November 2019 17:40

I just might have to report this as a feature request then. I was planning to use 2 IpFire units as master and backup. Being able to configure them in the GUI is a must.

erikvl · 14 November 2019 17:56

Turns out that this is exactly what happens when you define an alias, but don’t enable it. I just didn’t check that well enough.

I will have to do some testing later on, but it seems this is exactly what I need.