On Thu, Dec 16 2004 - 20:46, Jason Dixon wrote:
On Dec 16, 2004, at 10:18 AM, Joel CARNAT wrote:
I wanted to do CARPing on interfaces which were part on bridges.
According to my readings and testing (it's been 1 week I'm trying to
have it working ;), it seems you can't enable carp on an interface that
is bridged to some other...
I believe you can, so long as your interface has an IP assigned to it.
An IP is needed, but you will not be routing- don't let it confuse you.
You're still bridging all packets between the external segment and the
protected segment. I haven't tried it myself (yet), so caveat emptor.
I just (re)test this configuration :
bge0: 192.168.10.201
bge1: 192.168.10.202
carp0: 192.168.10.200 carpdev bge0
bridge0: add bge0 add bge1
my test is pinging 192.168.10.200 (the carp interface).
it's OK until I brconfig bridge0 up.
from then, I can see (tcpdump) echo request on bge0 and bge1 but nowhere else
(and no ack anywhere).
then I brconfig bridge0 down and the ping works back.
that's why I'm pretty sure the bug is the bridge (or @least the way I
configured it ;)...
I thought, maybe, setting the bridge confuses carp because paquets are
first forwarded from bge0 to bge1 and as carp0 is linked to bge0, it
doesn't work on the paquet (yes, I already tried to set carp0 on bge1
and same error occurs).
another weird thing (or @least one I don't understand =) is, on the
working config (aka ping carp is OK), I see rq/ack on bge0 and rq only
on carp0. shouldn't I see rq/ack on carp0 too ? maybe the clue ?
Is is really true (or did I miss a bit of configuration) ?
And, if so, why ? What makes it impossible ?
Actually, Ryan McBride recently posted a diff to -current to allow CARP
interfaces to bind to the physical interface (without IP) using the
carpdev keyword.
well, I already had this discussion with him (I think it was either
privatly or on [EMAIL PROTECTED]) ; anyway, I did install the snapshot
(timestamped about Dec 8th) that allows the carpdev feature.
so this is OK, I can have carp listen on some IP while the real
interface has no IP (or IP on some different IP range - in my case,
interface as private IP and carp has public).
but even with this patch apply, my carp stops working as soon as I
ifconfig bridge0 up.
http://marc.theaimsgroup.com/?l=openbsd-techm=110229937028512w=2
--
,-- This mail runs -.
` NetBSD/i386 --'