On 22/11/11 19:27, Russell Garrison wrote:
> I had some experience with this and found another thread where the
> best thing to do for your routing is to have only one /(32-n) mask and
> then all /32 for any given subnet and rdomain combination on a system.
>
> I have set up my system accordingly and my advice is to set your carp
> primary IP to the proper network mask (especially if it is using the
> carp IP to provide a gateway to the connected network) and then any
> other IP/interfaces to /32 per subnet. Example:
>
> em5 - no IP
> carp5 - 10.0.0.0/30 mask on carpdev em5
> em4 - 9.0.0.0/32 for mgmt
> carp4 - 9.0.0.0/28 acting as gateway for 9.0.0.0 net on carpdev em4
> carp4 - aliases on 9.0.0.0 with /32 masks on carpdev em4
>
> Before this I had the same mask on em4 and carp4 primary IP. It
> worked, but I noticed the ARP had tell: set to the em4 MAC/IP and that
> the route for that network was "homed" to em4 in the table. After the
> change ARP has tell: set to the carp MAC/IP and the network is on the
> carp4 if, which seemed more consistent to me. Can't tell you for sure
> if that is better for you, but it is worth a shot.
>
> I can also advise that ifconfig on runtime can have different effects
> than editing hostname.if and using netstart. One example I can think
> of is all the self-routing stuff that happens with netstart. I also
> find it good to get a reboot in at some point just to double-check
> that the hostname.if files and netstart do what you want on a system
> that hasn't had any previous networking setup.
>
> Good luck, happy hacking.

Thanks for the reply.

Setting the valid netmask on the CARP interface instead of the real
interface might be ok on VLAN gateways.
But since I'm using my carp setup for firewalling at the edge of my
network this would make the secondary firewall (backup) without network
access since its default gateway is on that network.

Also Henning proposed the exact opposite in that old thread (i.e. /32 on
the carp interface) which seems more logical to me, but then I get those
errors (arp_rtrequest: bad gateway value).

regards,
Giannis
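
A lint for the rule quoted above (only one non-/32 mask per subnet and rdomain), as an added example that is not part of either message: it parses hostname.if text and reports subnets whose real mask is configured on more than one interface. The host addresses, vhid and password are constructed, and the parser assumes only `rdomain` and `inet [alias] addr mask` or `addr/len` lines.

```python
import ipaddress
from collections import defaultdict

def parse_hostname_if(ifname, text):
    """Return [(ifname, rdomain, IPv4Interface)] for the inet lines of one file."""
    rdomain, found = 0, []
    for raw in text.splitlines():
        words = raw.split("#")[0].split()
        if len(words) >= 2 and words[0] == "rdomain":
            rdomain = int(words[1])
        elif len(words) >= 2 and words[0] == "inet":
            args = words[2:] if words[1] == "alias" else words[1:]
            addr = args[0] if args else ""
            if "/" not in addr:
                if len(args) < 2:
                    continue  # no mask on the line: not judged here
                mask = args[1]  # dotted-quad or 0x-hex netmask field
                if mask.lower().startswith("0x"):
                    mask = str(ipaddress.IPv4Address(int(mask, 16)))
                addr = f"{addr}/{mask}"
            try:
                found.append((ifname, rdomain, ipaddress.IPv4Interface(addr)))
            except ValueError:
                continue  # not an address/mask pair this sketch understands
    return found

def shared_masks(files):
    """files: {ifname: hostname.if text}. Return {(rdomain, network): [ifnames]}
    for every subnet whose non-/32 mask is configured more than once."""
    holders = defaultdict(list)
    for ifname, text in files.items():
        for name, rdomain, iface in parse_hostname_if(ifname, text):
            if iface.network.prefixlen < 32:
                holders[(rdomain, str(iface.network))].append(name)
    return {k: v for k, v in holders.items() if len(v) > 1}

# Constructed sample: same /28 on em4 and carp4, then em4 moved to /32.
BEFORE = {
    "em4": "inet 9.0.0.2 255.255.255.240\n",
    "carp4": "inet 9.0.0.1 255.255.255.240 NONE vhid 4 carpdev em4 pass example\n"
             "inet alias 9.0.0.5 255.255.255.255\n",
}
AFTER = dict(BEFORE, em4="inet 9.0.0.2 255.255.255.255\n")

if __name__ == "__main__":
    print("before:", shared_masks(BEFORE))
    print("after: ", shared_masks(AFTER))
```

The check flags only duplicated masks; which interface should carry the real mask, the point the two messages disagree on, is left to the operator.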