Ricardo Augusto de Souza wrote: > Anyone know how do i 'force' a carp to be backup? > I set a advskew higher than the master but it comes up as master.
Is there a host-based or network-based firewall blocking the carp protocol? In ipfw, you would need: /sbin/ipfw add allow carp from $SOME_IP to 224.0.0.18 in via $SOME_INT For me: | ccowart wifi-aux-1 / $ ifconfig vlan91 | vlan91: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 | options=3<RXCSUM,TXCSUM> | ether 00:1d:09:29:a7:f5 | inet 10.9.64.2 netmask 0xfffff000 broadcast 10.9.79.255 | media: Ethernet autoselect (1000baseTX <full-duplex>) | status: active | vlan: 91 parent interface: bce1 | ccowart wifi-aux-1 / $ ifconfig carp11 | carp11: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500 | inet 10.9.64.1 netmask 0xffffffff | carp: BACKUP vhid 11 advbase 1 advskew 100 | ccowart wifi-aux-1 / $ ifconfig carp21 | carp21: flags=49<UP,LOOPBACK,RUNNING> metric 0 mtu 1500 | inet 10.9.64.1 netmask 0xffffffff | carp: MASTER vhid 21 advbase 1 advskew 0 | ccowart wifi-aux-1 / $ sudo tcpdump -i vlan91 proto carp | tcpdump: verbose output suppressed, use -v or -vv for full protocol decode | listening on vlan91, link-type EN10MB (Ethernet), capture size 96 bytes | 14:06:36.009984 IP 10.9.64.3 > VRRP.MCAST.NET: VRRPv2, Advertisement, vrid | 11, prio 0, authtype none, intvl 1s, length 36 | 14:06:36.143937 IP 10.9.64.2 > VRRP.MCAST.NET: VRRPv2, Advertisement, vrid | 21, prio 0, authtype none, intvl 1s, length 36 | 14:06:37.012025 IP 10.9.64.3 > VRRP.MCAST.NET: VRRPv2, Advertisement, vrid | 11, prio 0, authtype none, intvl 1s, length 36 | 14:06:37.146003 IP 10.9.64.2 > VRRP.MCAST.NET: VRRPv2, Advertisement, vrid | 21, prio 0, authtype none, intvl 1s, length 36 Use tcpdump on your parent interfaces to see if you're seeing the multicast traffic. Make sure your firewalls allow this traffic. -- Chris Cowart Network Technical Lead Network & Infrastructure Services, RSSP-IT UC Berkeley
pgpemncxpua5v.pgp
Description: PGP signature
