Hello sorry my bad english
So, Let's debug
Review carp/pfsync ( NODE1-carp0/NODE2-carp0 samepassword and same vhid
for each pair ) ( pfsync syncdev ) ( /etc/hostname.pfsync0 = up syndev
IFACE )
check default gateway on both ( /etc/mygate) / sysctl ip.forwarding=1 and
carp.preempt=1 ( /etc/sysctl.conf )
( pf rules )
put carp and pfsync rules on the TOP of your rules ( for debug purpose set
skip on { lo0 $pfsyncdev }
=> pass quick on { $carpdev $carpdev2 $carpdev3 } proto carp keep state
(no-sync) <=
- Check with tcpdump pflog if carp packets are being dropped
- Check if all carps interfaces are as MASTER in the current node and
check if all is as BACKUP on another
- Check if in the current backup node the states are syncing ( systat
states ) ( compare on both pfctl -ss | wc -l ) almost the same quantity .
Bring up to MASTER the primary node ( ifconfig -g carp carpdemote 30 on
current master node ) the slave need to have a lower value of carpdemote
and NOT DEFINE advskew in the Primary leave default ( 0 ) just on backup
set advskew and put a high value ( advskew 100 ) ( hostname.carp )
- Check carpdemote on the new primary master ( ifconfig -g carp ) if the
value is not 0 set to
- Reboot the slave node ... and when back check if keep as slave ( check
systat states ) ( compare on both pfctl -ss | wc -l ) must be almost equal.
- Check carpdemote on slave should be 0
Reboot the Primary/Master and when back its supposed to be Master
* if you have a huge traffic ( the node you rebooted must delay until
states be syncronized )
About ospf I have no experience working with carp.
one more time sorry any typo
[]'s
2016-10-10 22:58 GMT-03:00 Paul B. Henson <[email protected]>:
> On Mon, Oct 10, 2016 at 09:43:56PM -0300, R0me0 *** wrote:
>
> > Did you adjust advskew value on the machine you want to be Backup ?
>
> Yes, the backup has an advskew of 5 and the primary an advskew of 1. As
> I mentioned, when I first configured the interfaces by hand the two
> systems properly negotiated master/backup roles, it was only after I
> rebooted the one that was supposed to be primary on this interface that
> it came up as backup, and I traced it to the fact the the carp demote value
> was set to 2. When I manually changed the carp demote value to 0, the
> system once again pre-empted the master role on the interface.
>
> I'm just not sure what is twiddling with the carp demotion value. Unless
> ospdf does it by default? The man page for the config file reads like it
> would only do it if you explicitly include the demote keyword in the
> area or interface section.
>
> Thanks for the suggestion though.
