Re: CARP forcing failover

Tue, 28 Feb 2017 17:10:37 -0800 

Yes, the automatic failover is great and works perfectly to bring all 
interfaces over at once. But to manually force a failover I need to change the 
advskew one interface at a time with ifconfig.

Ari


On 1/3/17 12:04pm, Freddie Cash wrote:
> Do you have the preemption sysctl enabled? That will fail-over all carp 
> interfaces when any one fails.
> 
> "sysctl -a | grep carp"
> 
> I'm pretty sure there's also an ifconfig command to force the state as either 
> master or backup. Check the man page.
> 
> 
> On Feb 28, 2017 5:01 PM, "Aristedes Maniatis" <[email protected] 
> <mailto:[email protected]>> wrote:
> 
>     I have a pair network gateway boxes running FreeBSD 11 and pf. Upstream 
> runs VRRP to provide redundant links, one to each gateway. Internally I'm 
> using CARP for failover.
> 
>     All works well, but I find that manually failing over the link is a bit 
> complicated. In short I have this:
> 
>     em0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 
> mtu 1500
>             media: Ethernet autoselect (100baseTX <full-duplex>)
>             status: active
>             carp: BACKUP vhid 1 advbase 1 advskew 50
>     igb0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 
> mtu 1500
>             media: Ethernet autoselect (1000baseT <full-duplex>)
>             status: active
>             carp: BACKUP vhid 2 advbase 1 advskew 50
>     igb0.2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 
> 0 mtu 1500
>             status: active
>             vlan: 2 vlanpcp: 0 parent interface: igb0
>             carp: BACKUP vhid 3 advbase 1 advskew 50
>             groups: vlan
> 
>     That's two internal vlans and one external network. Each interface has 
> its own vhid since that's the advice I had in the past.
> 
>     Now, what command can I type that I could run remotely (SSH over the em0 
> link) to force all the CARP addresses simultaneously to decrease the advskew 
> and become MASTER. Alternatively I could run something on the MASTER to make 
> it BACKUP. Everything I've done so far is one command per interface which has 
> got me in trouble before as I manage to accidentally remove my own access to 
> the box before I'm done.
> 
>     Cheers
>     Ari
> 
>     please cc me.
> 
>     --
>     -------------------------->
>     Aristedes Maniatis
>     CEO, ish
>     https://www.ish.com.au
>     GPG fingerprint CBFB 84B4 738D 4E87 5E5C  5EFA EF6A 7D2E 3E49 102A
> 

-- 
-------------------------->
Aristedes Maniatis
CEO, ish
https://www.ish.com.au
GPG fingerprint CBFB 84B4 738D 4E87 5E5C  5EFA EF6A 7D2E 3E49 102A

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to