Bug: CARP not working on second WAN interface

[wytcld]

From https://forum.opnsense.org/index.php?topic=5765.0:

Experimenting, I'm getting a contradictory result. On the first WAN interface, I've added two CARP IPs, both using the same VHID number. On the second WAN interface, I've added one CARP IP, using a second VHID number. But when I try to add a second CARP IP, OPNsense complains:

 The following input errors were detected:
 *    VHID 12 is already in use on interface WAN2. Pick a unique number on this interface.

In the CARP widget in the lobby, it clearly shows the first two IPs as "WAN1@11 > MASTER ", and the second as "WAN2@12 ", where 11 and 12 are the CARP VHIDs. Note the second interface's IP isn't showing it as master either. What difference is allowing multiple CARP IPs with the same VHID on one WAN interface, and blocking it from being set up that way on the other?

Also, WAN2 is not sending out any CARP packets. It's receiving some with another VHID from another system on that interface. But it's not sending out any of its own on WAN2, not with VHID12 or anything else. Also, it has not added the one CARP IP to its interface.

Looking with ifconfig, I see that interface igb1 (WAN1) has promiscuous mode enabled, igb2 (WAN2) does not. Why would this be? Could it be related to the problems?

[AdSchellevis]

I think we can drop the constraint which only allows the same vhid to be assigned on one interface, I just need to do some final check there.

I removed the validation and saved on my end, which seems to result it the correct aliases:

	inet 10.100.0.10 netmask 0xffffff00 broadcast 10.100.0.255 vhid 1 
	inet 10.100.0.11 netmask 0xffffff00 broadcast 10.100.0.255 vhid 1 
	inet 10.100.0.12 netmask 0xffffff00 broadcast 10.100.0.255 vhid 1 

Which looks the same as adding one manually using
ifconfig em2 alias 10.100.0.11 netmask 255.255.255.0 vhid 1

[mimugmail]

Multiple IPs per VHID would be very great. Drops down the noisy Multicast

[AdSchellevis]

I think we better unlock the possibility to add an optional vip to an ipalias as well and check if there actually is a carp vip configured on the interface when set, that way you can easily add more and we keep complexity low.

If we remove the validation we would trigger the init (https://github.com/opnsense/core/blob/17.7/src/etc/inc/interfaces.inc#L1871) multiple times, which isn't a very bright idea.

[AdSchellevis]

@mimugmail in case you have the time and spirit to do some testing, 8ae34af should add support for a vhid on an ipalias.

[mimugmail]

I'm back from vacation on 4th of September and will so some testing of not already in master :)