On Thu, Jun 21, 2018 at 11:06:36AM +0200, Henrik Dige Semark wrote: > On 21-06-2018 10:30, Stefan Sperling wrote: > > On Thu, Jun 21, 2018 at 10:07:06AM +0200, Janne Johansson wrote: > >> Den ons 20 juni 2018 kl 19:59 skrev Henrik Dige Semark <[email protected]>: > >> > >>> Hey everybody, > >>> > >>> # Server 1 > >>> My /etc/hostname.* for CARP's and pfsync + host adaptor: > >>> https://pastebin.com/vrtuPqnQ > >>> My /etc/pf.conf: https://pastebin.com/yhVkG4x4 > >>> > >>> # Server 2 > >>> My /etc/hostname.* for CARP's and pfsync + host adaptor: > >>> https://pastebin.com/a7fuM923 > >>> My /etc/pf.conf: https://pastebin.com/xNr1TtZ7 > >>> > >>> Any help or pointers would be fantastic. > >>> I have struggled with this for a week now and I'm running out of idears - > >>> the only solution I have right now is turning off the backup server. > >>> > >> You should have different advskew on expected master and slave carps, no? > > Looks to me like that is already the case (Server 1 is has advskew 0, > > Server 2 has advskew 100). > To be fair, I have just changed it to see if it makes a difference, but > I still have the problem with package-loss - I'll try to change it to > 20/80 later, it's a good idea if I want to change around easy between > the servers. > >> Also, we used to have something like 20 for master and 80 on slave so one > >> can place slaves before master, or master after slave if you want to signal > >> "I am still running but would like to hand over to the other if we can". > > The carp demote counter is also relevant to failover and is sometimes > > raised at run-time when interface output errors occur. The advskew value > > only matters as long as the demote counter is equal on both sides. > > See 'ifconfig -g carp' and the 'carpdemote' directives documented in > > the INTERFACE GROUPS section of the ifconfig man page. > Both servers have > # ifconfig -g carp > carp: carp demote count 0 > > To avoid potential routing issues, I would recommend setting netmasks > > to /32 on all carp interfaces if they share a subnet with an Ethernet > > interface. > The only carp that is in the same subnet is carp1 and host interface em0 > so that I can connect to each server directly, but I have solved the > routing with creating a different routing table, but it would be a good > idea to change it to /32 so that it's only the default gw that is on the > CARP and nothing else. > > I have no idea about a possible specific reason for packet loss, though. > > > Snippet from: Robert Blacquiere <[email protected]> > > Just a quick thought as em devices are emulated on kvm did you try > > disableling hw offloading on the interfaces? I had some similair issue > > with a vps pings seem to work but other traffic had drops. > I haven't tried to disable HW offload, but do you think it could be a > problem, when it worked fin under older versions of OpenBSD? > > Med Venlig Hilsen / Best Regards > Henrik Dige Semark > > >
I had some issues with vps with em interfaces and pseudo hw offloading. Now I never use offloading on vps and have not encountered these strange things like packet drop or icmp work but tcp/udp fails and carp strange hickups. Also encountered issue with multicast on juniper in combination with numbered management vlan on the default vlan. Some where in juniper they got silenced. Regards Robert
