Things went smoothly but when we brought the production VLANs up again
at layer 2 on the switches, when spanning-tree converged we had again a
double MASTER problem.
In older versions of FBSD, creating logical interfaces like vlan(4) and
carp(4) had an nasty inadvertent side effect of toggling the state of the
underlying phyiscal interface.
This may be fixed in newer version.
This would then then cause STP to reset on the switchport which can take
up to 50 seconds to restore.
In the mean time, the backup host hasn't heard from the master and assume
the role of master.
You can try turning on switchport spanning-tree portfast on your backup
system which should cut down this time signifantly.
If you can assure that no STP BPDUs will be announced from your CARP
system, then its probably safe to run PortFast on a trunk.
The same is true after a reboot.
Maybe hack the RC script to force the CARP interfaces on your backup to
stay down at boot time for an extra 10/15 seconds
~BAS
I understand I could have avoided it by destroying/recreating the CARP
interfaces, but even in this case there is a split second during which
both firewalls are CARP MASTER.
Is there any way to force CARP to assume INIT state for some time when
coming up, and only after X seconds either become MASTER or BACKUP ?
Any other idea how to solve this, guys ?
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[email protected]"
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[email protected]"
