NATted outbound traffic sometimes uses backup CARP IP on LACP/LAGG interface

[Kristof Provost]

On 15 Sep 2017, at 11:31, Dave Cottlehuber wrote:
> Can you explain what $if:0 resolves to, for example how does it relate
> to to the primary ipv4/6 addresses bound to that interface?
>
> I couldn't find a reference in the usual ifconfig manpages about this
> (ifname:#) format,  the BNF grammar for pf.conf doesn't cover it 
> either,
> and `pfctl -vnf ...` simply shows (lagg0:0).
>
It tells pf to not use any of the alias addresses. It’s explained in 
the pf.conf man page:

            Interface names and interface group names can have modifiers
            appended:

            :network      Translates to the network(s) attached to the 
interface.
            :broadcast    Translates to the interface's broadcast 
address(es).
            :peer         Translates to the point-to-point interface's 
peer
                          address(es).
            :0            Do not include interface aliases.

            Host names may also have the :0 option appended to restrict 
the name
            resolution to the first of each v4 and v6 address found.


Regards,
Kristof