All -
This is going to be a lengthy email, Sorry about that, I have question about
running CARP + OSPF, I looked at all the email pertaining to it on marc.info
website?
Network scenario:
I have an ethernet segment (172.21.171.0/24) Cisco 1760 (.1), Cisco 2621(.4),
Dell PowerConnect(.2), OpenBSD 4.2 systems(.6, .7 sharing .5 using carp) with
OpenBSD systems running carp + pfsync.
Cisco 1760 is connected to DSL and I redistribute default route from 1760, which
gets propagated as E2 type to all the nodes participating in OSPF
I have another ethernet segment (172.21.71/24) with above mentioned OpenBSD 4.2
systems (.2, .3 sharing .1 using carp) and another Cisco 2610 (.4)
I have a linux host behind c2610 (network: 172.21.55/24) cisco being .1, linux
host being .17
All hosts are in single area (area 0)
I also have 4 networks sitting behind PowerConnect device, 172.21.{167, 145,
125, 99}/24.
Each and every time I try to connect to 172.21.55.17 from 172.21.125.23, I am
seeing tcp connection being shared by two OpenBSD firewalls because of the fact
that they are running OSPF and cisco 2610 is seeing two equal paths to
172.21.125/24 network through the OpenBSD firewalls.
When I connect to Internet from the linux host, I am seeing packets being sent
to the backup instead of the master.
Configuration:
Stock OpenBSD kernel running on 2 PowerEdge 860s with twin broadcom GigE
ethernet interfaces.
# uname -a
OpenBSD carp02.contoso.com 4.2 GENERIC#375 i386
Since this email already is big, I am not including dmesg, if it is needed, Ill
post it.
configuration from OpenBSD system: 172.21.171.6,
ip addresses,
/etc/hostname.bge0: inet 172.21.171.6 255.255.255.0 NONE
/etc/hostname.bge1: inet 172.21.71.2 255.255.255.0 NONE
/etc/hostname.carp0: inet 172.21.171.5 255.255.255.0 172.21.171.255 vhid 1 pass
"Char!i3"
/etc/hostname.carp1: inet 172.21.71.1 255.255.255.0 172.21.71.255 vhid 2 pass
"F00bar"
/etc/hostname.lo127: inet 172.21.127.6 255.255.255.255 NONE
/etc/hostname.pfsync0: up syncif bge1
# ifconfig -a
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33208
groups: lo
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
bge0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:1c:23:e1:cb:85
groups: egress
media: Ethernet autoselect (1000baseT full-duplex)
status: active
inet 172.21.171.6 netmask 0xffffff00 broadcast 172.21.171.255
inet6 fe80::21c:23ff:fee1:cb85%bge0 prefixlen 64 scopeid 0x1
bge1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:1c:23:e1:cb:86
media: Ethernet autoselect (1000baseT full-duplex)
status: active
inet 172.21.71.2 netmask 0xffffff00 broadcast 172.21.71.255
inet6 fe80::21c:23ff:fee1:cb86%bge1 prefixlen 64 scopeid 0x2
enc0: flags=0<> mtu 1536
lo127: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33208
groups: lo
inet 172.21.127.6 netmask 0xffffffff
pfsync0: flags=41<UP,RUNNING> mtu 1460
pfsync: syncdev: bge1 syncpeer: 224.0.0.240 maxupd: 128
groups: carp pfsync
carp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:00:5e:00:01:01
carp: BACKUP carpdev bge0 vhid 1 advbase 1 advskew 0
groups: carp
inet 172.21.171.5 netmask 0xffffff00 broadcast 172.21.171.255
inet6 fe80::200:5eff:fe00:101%carp0 prefixlen 64 scopeid 0x6
carp1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:00:5e:00:01:02
carp: BACKUP carpdev bge1 vhid 2 advbase 1 advskew 0
groups: carp
inet 172.21.71.1 netmask 0xffffff00 broadcast 172.21.71.255
inet6 fe80::200:5eff:fe00:102%carp1 prefixlen 64 scopeid 0x7
/etc/ospfd.conf:
router-id 172.21.127.6
redistribute default set { metric 30 type 2 }
area 0.0.0.0 {
demote carp 1
interface lo127
interface carp0 {
demote carp
}
interface carp1 {
demote carp
}
interface bge1 {
auth-type crypt
auth-md 1 "R0ut1ng"
auth-md-keyid 1
}
interface bge0 {
auth-type crypt
auth-md 1 "R0ut1ng"
auth-md-keyid 1
}
}
# ospfctl show neigh
ID Pri State DeadTime Address Iface Uptime
172.21.127.2 0 FULL/OTHER 00:00:34 172.21.171.2 bge0 00:32:03
172.21.127.1 1 FULL/OTHER 00:00:32 172.21.171.1 bge0 00:32:08
172.21.127.7 1 FULL/OTHER 00:00:34 172.21.171.7 bge0 00:30:48
172.21.127.4 1 FULL/DR 00:00:31 172.21.171.4 bge0 00:34:54
172.21.127.7 1 FULL/OTHER 00:00:34 172.21.71.3 bge1 00:30:43
172.21.127.8 1 FULL/DR 00:00:39 172.21.71.4 bge1 00:35:29
Configuration on OpenBSD system: 172.21.171.7
/etc/hostname.bge0: inet 172.21.171.7 255.255.255.0 NONE
/etc/hostname.bge1: inet 172.21.71.3 255.255.255.0 NONE
/etc/hostname.carp0: inet 172.21.171.5 255.255.255.0 172.21.171.255 vhid 1 pass
"Char!i3"
/etc/hostname.carp1: inet 172.21.71.1 255.255.255.0 172.21.71.255 vhid 2 pass
"F00bar"
/etc/hostname.lo127: inet 172.21.127.7 255.255.255.255 NONE
/etc/hostname.pfsync0: up syncif bge1
# ifconfig -a
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33208
groups: lo
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
bge0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:1c:23:e1:9c:b4
groups: egress
media: Ethernet autoselect (1000baseT full-duplex)
status: active
inet 172.21.171.7 netmask 0xffffff00 broadcast 172.21.171.255
inet6 fe80::21c:23ff:fee1:9cb4%bge0 prefixlen 64 scopeid 0x1
bge1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:1c:23:e1:9c:b5
media: Ethernet autoselect (1000baseT full-duplex,master)
status: active
inet 172.21.71.3 netmask 0xffffff00 broadcast 172.21.71.255
inet6 fe80::21c:23ff:fee1:9cb5%bge1 prefixlen 64 scopeid 0x2
enc0: flags=0<> mtu 1536
lo127: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33208
groups: lo
inet 172.21.127.7 netmask 0xffffffff
pfsync0: flags=41<UP,RUNNING> mtu 1460
pfsync: syncdev: bge1 syncpeer: 224.0.0.240 maxupd: 128
groups: carp pfsync
carp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:00:5e:00:01:01
carp: MASTER carpdev bge0 vhid 1 advbase 1 advskew 0
groups: carp
inet 172.21.171.5 netmask 0xffffff00 broadcast 172.21.171.255
inet6 fe80::200:5eff:fe00:101%carp0 prefixlen 64 scopeid 0x6
carp1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 00:00:5e:00:01:02
carp: MASTER carpdev bge1 vhid 2 advbase 1 advskew 0
groups: carp
inet 172.21.71.1 netmask 0xffffff00 broadcast 172.21.71.255
inet6 fe80::200:5eff:fe00:102%carp1 prefixlen 64 scopeid 0x7
/etc/ospfd.conf:
router-id 172.21.127.7
redistribute default set { metric 30 type 2 }
area 0.0.0.0 {
demote carp 1
interface lo127
interface carp0 {
demote carp
}
interface carp1 {
demote carp
}
interface bge1 {
auth-type crypt
auth-md 1 "R0ut1ng"
auth-md-keyid 1
}
interface bge0 {
auth-type crypt
auth-md 1 "R0ut1ng"
auth-md-keyid 1
}
}
# ospfctl show neigh
ID Pri State DeadTime Address Iface Uptime
172.21.127.6 1 FULL/BCKUP 00:00:33 172.21.171.6 bge0 00:31:29
172.21.127.2 0 2-WAY/OTHER 00:00:34 172.21.171.2 bge0 -
172.21.127.4 1 FULL/DR 00:00:30 172.21.171.4 bge0 00:31:29
172.21.127.1 1 2-WAY/OTHER 00:00:31 172.21.171.1 bge0 -
172.21.127.6 1 FULL/BCKUP 00:00:33 172.21.71.2 bge1 00:31:24
172.21.127.8 1 FULL/DR 00:00:38 172.21.71.4 bge1 00:31:29
Configuration on c2610 (172.21.71.4) for OSPF, and interfaces
interfaces:
c2610#sh run int fa0/0
Building configuration...
Current configuration : 73 bytes
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
end
c2610#sh run int fa0/0.1
Building configuration...
Current configuration : 199 bytes
!
interface FastEthernet0/0.1
encapsulation dot1Q 300
ip address 172.21.71.4 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 R0ut1ng
ip ospf 127 area 0
end
c2610#sh run int fa0/0.2
Building configuration...
Current configuration : 98 bytes
!
interface FastEthernet0/0.2
encapsulation dot1Q 301
ip address 172.21.55.1 255.255.255.0
end
c2610#sh run int lo127
Building configuration...
Current configuration : 70 bytes
!
interface Loopback127
ip address 172.21.127.8 255.255.255.255
end
router ospf 127
log-adjacency-changes
network 172.21.55.0 0.0.0.255 area 0
network 172.21.71.0 0.0.0.255 area 0
network 172.21.127.8 0.0.0.0 area 0
!
c2610#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 172.21.71.3 to network 0.0.0.0
172.21.0.0/16 is variably subnetted, 13 subnets, 2 masks
O 172.21.171.0/24 [110/11] via 172.21.71.3, 01:09:17, FastEthernet0/0.1
[110/11] via 172.21.71.2, 01:09:17, FastEthernet0/0.1
O 172.21.167.0/24 [110/21] via 172.21.71.3, 01:09:17, FastEthernet0/0.1
[110/21] via 172.21.71.2, 01:09:17, FastEthernet0/0.1
O 172.21.145.0/24 [110/21] via 172.21.71.3, 01:09:17, FastEthernet0/0.1
[110/21] via 172.21.71.2, 01:09:17, FastEthernet0/0.1
O E2 172.21.52.0/24 [110/20] via 172.21.71.3, 01:09:18, FastEthernet0/0.1
[110/20] via 172.21.71.2, 01:09:18, FastEthernet0/0.1
C 172.21.55.0/24 is directly connected, FastEthernet0/0.2
O 172.21.127.6/32 [110/11] via 172.21.71.2, 01:09:18, FastEthernet0/0.1
O 172.21.127.7/32 [110/11] via 172.21.71.3, 01:09:18, FastEthernet0/0.1
O 172.21.127.4/32 [110/12] via 172.21.71.3, 01:09:18, FastEthernet0/0.1
[110/12] via 172.21.71.2, 01:09:18, FastEthernet0/0.1
O 172.21.125.0/24 [110/21] via 172.21.71.3, 01:09:19, FastEthernet0/0.1
[110/21] via 172.21.71.2, 01:09:19, FastEthernet0/0.1
O 172.21.127.1/32 [110/12] via 172.21.71.3, 01:09:19, FastEthernet0/0.1
[110/12] via 172.21.71.2, 01:09:19, FastEthernet0/0.1
C 172.21.127.8/32 is directly connected, Loopback127
O 172.21.99.0/24 [110/21] via 172.21.71.3, 01:09:19, FastEthernet0/0.1
[110/21] via 172.21.71.2, 01:09:19, FastEthernet0/0.1
C 172.21.71.0/24 is directly connected, FastEthernet0/0.1
O*E2 0.0.0.0/0 [110/20] via 172.21.71.3, 01:09:19, FastEthernet0/0.1
[110/20] via 172.21.71.2, 01:09:19, FastEthernet0/0.1
c2610#
LOGS:
Log on OpenBSD 4.2 (172.21.71.2, 172.21.71.3 i.e bge1 interface) for connection
from 172.21.125.23 to 172.21.55.17
Log on 172.21.71.3 (CARP MASTER):
# tcpdump -env -r /tmp/tcp.pcap
06:56:29.474904 00:0c:31:ee:e4:a0 00:1c:23:e1:9c:b5 0800 74: 172.21.55.17.22 >
172.21.125.23.16917: S [tcp sum ok] 1579433713:1579433713(0) ack 3316244461 win
5792 <mss 1460,sackOK,timestamp 139958954 1659385324,nop,wscale 7> (DF) (ttl 63,
id 0, len 60)
06:56:29.483215 00:0c:31:ee:e4:a0 00:1c:23:e1:9c:b5 0800 103: 172.21.55.17.22 >
172.21.125.23.16917: P 1:38(37) ack 1 win 46 <nop,nop,timestamp 139958955
1659385324> (DF) (ttl 63, id 42073, len 89)
06:56:29.484470 00:0c:31:ee:e4:a0 00:1c:23:e1:9c:b5 0800 66: 172.21.55.17.22 >
172.21.125.23.16917: . [tcp sum ok] ack 21 win 46 <nop,nop,timestamp 139958955
1659385324> (DF) (ttl 63, id 42074, len 52)
06:56:29.485568 00:0c:31:ee:e4:a0 00:1c:23:e1:9c:b5 0800 810: 172.21.55.17.22 >
172.21.125.23.16917: P 38:782(744) ack 21 win 46 <nop,nop,timestamp 139958956
1659385324> (DF) (ttl 63, id 42075, len 796)
06:56:29.525076 00:0c:31:ee:e4:a0 00:1c:23:e1:9c:b5 0800 66: 172.21.55.17.22 >
172.21.125.23.16917: . [tcp sum ok] ack 813 win 58 <nop,nop,timestamp 139958960
1659385324> (DF) (ttl 63, id 42076, len 52)
06:56:29.526018 00:0c:31:ee:e4:a0 00:1c:23:e1:9c:b5 0800 66: 172.21.55.17.22 >
172.21.125.23.16917: . [tcp sum ok] ack 837 win 58 <nop,nop,timestamp 139958960
1659385324> (DF) (ttl 63, id 42077, len 52)
06:56:29.528841 00:0c:31:ee:e4:a0 00:1c:23:e1:9c:b5 0800 218: 172.21.55.17.22 >
172.21.125.23.16917: P 782:934(152) ack 837 win 58 <nop,nop,timestamp 139958960
1659385324> (DF) (ttl 63, id 42078, len 204)
06:56:29.556278 00:0c:31:ee:e4:a0 00:1c:23:e1:9c:b5 0800 786: 172.21.55.17.22 >
172.21.125.23.16917: P 934:1654(720) ack 981 win 70 <nop,nop,timestamp 139958963
1659385324> (DF) (ttl 63, id 42079, len 772)
06:56:29.595473 00:0c:31:ee:e4:a0 00:1c:23:e1:9c:b5 0800 66: 172.21.55.17.22 >
172.21.125.23.16917: . [tcp sum ok] ack 997 win 70 <nop,nop,timestamp 139958967
1659385325> (DF) (ttl 63, id 42080, len 52)
06:56:29.596414 00:0c:31:ee:e4:a0 00:1c:23:e1:9c:b5 0800 66: 172.21.55.17.22 >
172.21.125.23.16917: . [tcp sum ok] ack 1045 win 70 <nop,nop,timestamp 139958967
1659385325> (DF) (ttl 63, id 42081, len 52)
06:56:29.596573 00:0c:31:ee:e4:a0 00:1c:23:e1:9c:b5 0800 114: 172.21.55.17.22 >
172.21.125.23.16917: P 1654:1702(48) ack 1045 win 70 <nop,nop,timestamp
139958967 1659385325> (DF) (ttl 63, id 42082, len 100)
06:56:29.612925 00:0c:31:ee:e4:a0 00:1c:23:e1:9c:b5 0800 130: 172.21.55.17.22 >
172.21.125.23.16917: P 1702:1766(64) ack 1125 win 70 <nop,nop,timestamp
139958968 1659385325> (DF) (ttl 63, id 42083, len 116)
06:56:32.347860 00:0c:31:ee:e4:a0 00:1c:23:e1:9c:b5 0800 98: 172.21.55.17.22 >
172.21.125.23.16917: P 1766:1798(32) ack 1269 win 83 <nop,nop,timestamp
139959240 1659385330> (DF) (ttl 63, id 42084, len 84)
06:56:32.351152 00:0c:31:ee:e4:a0 00:1c:23:e1:9c:b5 0800 114: 172.21.55.17.22 >
172.21.125.23.16917: P 1798:1846(48) ack 1333 win 83 <nop,nop,timestamp
139959241 1659385330> (DF) (ttl 63, id 42085, len 100)
06:56:32.359619 00:0c:31:ee:e4:a0 00:1c:23:e1:9c:b5 0800 114: 172.21.55.17.22 >
172.21.125.23.16917: P 1846:1894(48) ack 1733 win 95 <nop,nop,timestamp
139959242 1659385330> (DF) [tos 0x10] (ttl 63, id 42086, len 100)
06:56:32.359777 00:0c:31:ee:e4:a0 00:1c:23:e1:9c:b5 0800 514: 172.21.55.17.22 >
172.21.125.23.16917: P 1894:2342(448) ack 1733 win 95 <nop,nop,timestamp
139959242 1659385330> (DF) [tos 0x10] (ttl 63, id 42087, len 500)
06:56:32.534362 00:0c:31:ee:e4:a0 00:1c:23:e1:9c:b5 0800 130: 172.21.55.17.22 >
172.21.125.23.16917: P 2342:2406(64) ack 1733 win 95 <nop,nop,timestamp
139959259 1659385330> (DF) [tos 0x10] (ttl 63, id 42088, len 116)
Log on 172.21.71.2 (CARP BACKUP)
09:56:47.388308 00:1c:23:e1:cb:86 00:0c:31:ee:e4:a0 0800 78: 172.21.125.23.16917
> 172.21.55.17.22: S [tcp sum ok] 3316244460:3316244460(0) win 16384 <mss
1460,nop,nop,sackOK,nop,wscale 0,nop,nop,timestamp 1659385324 0> (DF) (ttl 62,
id 30384, len 64)
09:56:47.390493 00:1c:23:e1:cb:86 00:0c:31:ee:e4:a0 0800 66: 172.21.125.23.16917
> 172.21.55.17.22: . [tcp sum ok] ack 1579433714 win 16384 <nop,nop,timestamp
1659385324 139958954> (DF) (ttl 62, id 10325, len 52)
09:56:47.399111 00:1c:23:e1:cb:86 00:0c:31:ee:e4:a0 0800 86: 172.21.125.23.16917
> 172.21.55.17.22: P [tcp sum ok] 0:20(20) ack 38 win 16384 <nop,nop,timestamp
1659385324 139958955> (DF) (ttl 62, id 4525, len 72)
09:56:47.400052 00:1c:23:e1:cb:86 00:0c:31:ee:e4:a0 0800 858:
172.21.125.23.16917 > 172.21.55.17.22: P 20:812(792) ack 38 win 16384
<nop,nop,timestamp 1659385324 139958955> (DF) (ttl 62, id 24308, len 844)
09:56:47.440658 00:1c:23:e1:cb:86 00:0c:31:ee:e4:a0 0800 90: 172.21.125.23.16917
> 172.21.55.17.22: P [tcp sum ok] 812:836(24) ack 782 win 16384
<nop,nop,timestamp 1659385324 139958956> (DF) (ttl 62, id 26699, len 76)
09:56:47.452888 00:1c:23:e1:cb:86 00:0c:31:ee:e4:a0 0800 210:
172.21.125.23.16917 > 172.21.55.17.22: P 836:980(144) ack 934 win 16384
<nop,nop,timestamp 1659385324 139958960> (DF) (ttl 62, id 17702, len 196)
09:56:47.479383 00:1c:23:e1:cb:86 00:0c:31:ee:e4:a0 0800 82: 172.21.125.23.16917
> 172.21.55.17.22: P [tcp sum ok] 980:996(16) ack 1654 win 16384
<nop,nop,timestamp 1659385325 139958963> (DF) (ttl 62, id 14073, len 68)
09:56:47.511053 00:1c:23:e1:cb:86 00:0c:31:ee:e4:a0 0800 114:
172.21.125.23.16917 > 172.21.55.17.22: P 996:1044(48) ack 1654 win 16384
<nop,nop,timestamp 1659385325 139958967> (DF) (ttl 62, id 24761, len 100)
09:56:47.514974 00:1c:23:e1:cb:86 00:0c:31:ee:e4:a0 0800 146:
172.21.125.23.16917 > 172.21.55.17.22: P 1044:1124(80) ack 1702 win 16384
<nop,nop,timestamp 1659385325 139958967> (DF) (ttl 62, id 14618, len 132)
09:56:47.725482 00:1c:23:e1:cb:86 00:0c:31:ee:e4:a0 0800 66: 172.21.125.23.16917
> 172.21.55.17.22: . [tcp sum ok] ack 1766 win 16384 <nop,nop,timestamp
1659385325 139958968> (DF) (ttl 62, id 25059, len 52)
09:56:50.261188 00:1c:23:e1:cb:86 00:0c:31:ee:e4:a0 0800 210:
172.21.125.23.16917 > 172.21.55.17.22: P 1124:1268(144) ack 1766 win 16384
<nop,nop,timestamp 1659385330 139958968> (DF) (ttl 62, id 12211, len 196)
09:56:50.265570 00:1c:23:e1:cb:86 00:0c:31:ee:e4:a0 0800 130:
172.21.125.23.16917 > 172.21.55.17.22: P 1268:1332(64) ack 1798 win 16384
<nop,nop,timestamp 1659385330 139959240> (DF) (ttl 62, id 19703, len 116)
09:56:50.267296 00:1c:23:e1:cb:86 00:0c:31:ee:e4:a0 0800 466:
172.21.125.23.16917 > 172.21.55.17.22: P 1332:1732(400) ack 1846 win 16384
<nop,nop,timestamp 1659385330 139959241> (DF) [tos 0x10] (ttl 62, id 21097, len 452)
09:56:50.275449 00:1c:23:e1:cb:86 00:0c:31:ee:e4:a0 0800 66: 172.21.125.23.16917
> 172.21.55.17.22: . [tcp sum ok] ack 2342 win 15888 <nop,nop,timestamp
1659385330 139959242> (DF) [tos 0x10] (ttl 62, id 7578, len 52)
09:56:50.652191 00:1c:23:e1:cb:86 00:0c:31:ee:e4:a0 0800 66: 172.21.125.23.16917
> 172.21.55.17.22: . [tcp sum ok] ack 2406 win 16384 <nop,nop,timestamp
1659385331 139959259> (DF) [tos 0x10] (ttl 62, id 2506, len 52)
When I get apt-get update from the linux host, I see the packet on both OpenBSD
systems is that normal? connection from 172.21.55.17 going to Internet goes to
CARP backup, return connection comes from CARP MASTER is that normal?
packet capture on CARP BACKUP,
# tcpdump -env -r /tmp/tcp.pcap
10:04:19.373426 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 74: 172.21.55.17.48586
> 91.189.88.37.80: S [tcp sum ok] 351479971:351479971(0) win 5840 <mss
1460,sackOK,timestamp 140003926 0,nop,wscale 7> (DF) (ttl 63, id 25333, len 60)
10:04:19.375213 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 74: 172.21.55.17.37795
> 91.189.88.45.80: S [tcp sum ok] 345768381:345768381(0) win 5840 <mss
1460,sackOK,timestamp 140003926 0,nop,wscale 7> (DF) (ttl 63, id 19435, len 60)
10:04:19.537228 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 66: 172.21.55.17.48586
> 91.189.88.37.80: . [tcp sum ok] ack 617875440 win 46 <nop,nop,timestamp
140003943 648837606> (DF) (ttl 63, id 25334, len 52)
10:04:19.537699 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 1007:
172.21.55.17.48586 > 91.189.88.37.80: P 0:941(941) ack 1 win 46
<nop,nop,timestamp 140003943 648837606> (DF) (ttl 63, id 25335, len 993)
10:04:19.539582 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 66: 172.21.55.17.37795
> 91.189.88.45.80: . [tcp sum ok] ack 3530346628 win 46 <nop,nop,timestamp
140003943 692424740> (DF) (ttl 63, id 19436, len 52)
10:04:19.540367 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 1514:
172.21.55.17.37795 > 91.189.88.45.80: . 0:1448(1448) ack 1 win 46
<nop,nop,timestamp 140003943 692424740> (DF) (ttl 63, id 19437, len 1500)
10:04:19.540373 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 470: 172.21.55.17.37795
> 91.189.88.45.80: P 1448:1852(404) ack 1 win 46 <nop,nop,timestamp 140003943
692424740> (DF) (ttl 63, id 19438, len 456)
10:04:19.544132 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 1506:
172.21.55.17.37795 > 91.189.88.45.80: . 0:1440(1440) ack 1 win 46
<nop,nop,timestamp 140003943 692424740> (DF) (ttl 63, id 19439, len 1492)
10:04:19.544137 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 74: 172.21.55.17.37795
> 91.189.88.45.80: . [tcp sum ok] 1440:1448(8) ack 1 win 46 <nop,nop,timestamp
140003943 692424740> (DF) (ttl 63, id 19440, len 60)
10:04:19.728971 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 66: 172.21.55.17.48586
> 91.189.88.37.80: . [tcp sum ok] ack 350 win 54 <nop,nop,timestamp 140003962
648837625> (DF) (ttl 63, id 25336, len 52)
10:04:19.736076 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 66: 172.21.55.17.48586
> 91.189.88.37.80: . [tcp sum ok] ack 824 win 63 <nop,nop,timestamp 140003962
648837625> (DF) (ttl 63, id 25337, len 52)
10:04:19.736547 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 269: 172.21.55.17.48586
> 91.189.88.37.80: P 941:1144(203) ack 824 win 63 <nop,nop,timestamp 140003962
648837625> (DF) (ttl 63, id 25338, len 255)
10:04:19.778137 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 66: 172.21.55.17.48586
> 91.189.88.37.80: . [tcp sum ok] ack 1304 win 71 <nop,nop,timestamp 140003967
648837625> (DF) (ttl 63, id 25339, len 52)
10:04:19.778609 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 66: 172.21.55.17.37795
> 91.189.88.45.80: . [tcp sum ok] ack 356 win 54 <nop,nop,timestamp 140003967
692424764> (DF) (ttl 63, id 19441, len 52)
10:04:19.785238 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 66: 172.21.55.17.37795
> 91.189.88.45.80: . [tcp sum ok] ack 821 win 63 <nop,nop,timestamp 140003967
692424764> (DF) (ttl 63, id 19442, len 52)
10:04:19.786023 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 262: 172.21.55.17.37795
> 91.189.88.45.80: P 1852:2048(196) ack 821 win 63 <nop,nop,timestamp 140003967
692424764> (DF) (ttl 63, id 19443, len 248)
10:04:19.902873 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 66: 172.21.55.17.48586
> 91.189.88.37.80: . [tcp sum ok] ack 2262 win 86 <nop,nop,timestamp 140003979
648837641> (DF) (ttl 63, id 25340, len 52)
10:04:19.907624 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 66: 172.21.55.17.48586
> 91.189.88.37.80: . [tcp sum ok] ack 2446 win 101 <nop,nop,timestamp 140003979
648837643> (DF) (ttl 63, id 25341, len 52)
10:04:19.915037 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 291: 172.21.55.17.48586
> 91.189.88.37.80: P 1144:1369(225) ack 2446 win 101 <nop,nop,timestamp
140003980 648837643> (DF) (ttl 63, id 25342, len 277)
10:04:19.999287 00:0c:31:ee:e4:a0 00:1c:23:e1:cb:86 0800 66: 172.21.55.17.37795
> 91.189.88.45.80: . [tcp sum ok] ack 2257 win 85 <nop,nop,timestamp 140003989
692424780> (DF) (ttl 63, id 19444, len 52)
packet capture on CARP MASTER
07:04:01.618809 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 74: 91.189.88.37.80 >
172.21.55.17.48586: S [tcp sum ok] 617875439:617875439(0) ack 351479972 win 5792
<mss 1460,sackOK,timestamp 648837606 140003926,nop,wscale 8> (DF) [tos 0x20]
(ttl 53, id 0, len 60)
07:04:01.621149 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 74: 91.189.88.45.80 >
172.21.55.17.37795: S [tcp sum ok] 3530346627:3530346627(0) ack 345768382 win
5792 <mss 1460,sackOK,timestamp 692424740 140003926,nop,wscale 8> (DF) [tos
0x20] (ttl 53, id 0, len 60)
07:04:01.804740 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 66: 91.189.88.37.80 >
172.21.55.17.48586: . [tcp sum ok] ack 942 win 30 <nop,nop,timestamp 648837625
140003943> (DF) [tos 0x20] (ttl 53, id 32262, len 52)
07:04:01.810534 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 415: 91.189.88.37.80 >
172.21.55.17.48586: P 1:350(349) ack 942 win 30 <nop,nop,timestamp 648837625
140003943> (DF) [tos 0x20] (ttl 53, id 32263, len 401)
07:04:01.817485 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 540: 91.189.88.37.80 >
172.21.55.17.48586: P 350:824(474) ack 942 win 30 <nop,nop,timestamp 648837625
140003943> (DF) [tos 0x20] (ttl 53, id 32264, len 526)
07:04:01.823964 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 546: 91.189.88.37.80 >
172.21.55.17.48586: P 824:1304(480) ack 942 win 30 <nop,nop,timestamp 648837625
140003943> (DF) [tos 0x20] (ttl 53, id 32265, len 532)
07:04:01.825276 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 78: 91.189.88.45.80 >
172.21.55.17.37795: . [tcp sum ok] ack 1 win 23 <nop,nop,timestamp 692424760
140003943,nop,nop,sack 1 {1449:1853} > (DF) [tos 0x20] (ttl 53, id 16563, len 64)
07:04:01.854279 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 78: 91.189.88.45.80 >
172.21.55.17.37795: . [tcp sum ok] ack 1441 win 34 <nop,nop,timestamp 692424764
140003943,nop,nop,sack 1 {1449:1853} > (DF) [tos 0x20] (ttl 53, id 16564, len 64)
07:04:01.860081 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 433: 91.189.88.45.80 >
172.21.55.17.37795: P 1:356(355) ack 1441 win 34 <nop,nop,timestamp 692424764
140003943,nop,nop,sack 1 {1449:1853} > (DF) [tos 0x20] (ttl 53, id 16565, len 419)
07:04:01.866559 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 543: 91.189.88.45.80 >
172.21.55.17.37795: P 356:821(465) ack 1441 win 34 <nop,nop,timestamp 692424764
140003943,nop,nop,sack 1 {1449:1853} > (DF) [tos 0x20] (ttl 53, id 16566, len 529)
07:04:01.867501 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 66: 91.189.88.45.80 >
172.21.55.17.37795: . [tcp sum ok] ack 1853 win 34 <nop,nop,timestamp 692424764
140003943> (DF) [tos 0x20] (ttl 53, id 16567, len 52)
07:04:01.984201 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 1024: 91.189.88.37.80 >
172.21.55.17.48586: P 1304:2262(958) ack 942 win 30 <nop,nop,timestamp 648837641
140003962> (DF) [tos 0x20] (ttl 53, id 32266, len 1010)
07:04:01.989125 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 250: 91.189.88.37.80 >
172.21.55.17.48586: P 2262:2446(184) ack 1145 win 38 <nop,nop,timestamp
648837643 140003962> (DF) [tos 0x20] (ttl 53, id 32267, len 236)
07:04:02.040911 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 1502: 91.189.88.45.80 >
172.21.55.17.37795: . 821:2257(1436) ack 1853 win 34 <nop,nop,timestamp
692424780 140003967> (DF) [tos 0x20] (ttl 53, id 16568, len 1488)
07:04:02.041068 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 66: 91.189.88.45.80 >
172.21.55.17.37795: . [tcp sum ok] ack 2049 win 46 <nop,nop,timestamp 692424781
140003967> (DF) [tos 0x20] (ttl 53, id 16570, len 52)
07:04:02.166101 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 250: 91.189.88.37.80 >
172.21.55.17.48586: P 2446:2630(184) ack 1370 win 45 <nop,nop,timestamp
648837660 140003980> (DF) [tos 0x20] (ttl 53, id 32268, len 236)
07:04:02.195784 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 1506: 91.189.88.45.80 >
172.21.55.17.37795: . 2257:3697(1440) ack 2049 win 46 <nop,nop,timestamp
692424796 140003967> (DF) [tos 0x20] (ttl 53, id 16571, len 1492)
07:04:02.241159 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 74: 91.189.88.45.80 >
172.21.55.17.37795: . [tcp sum ok] 3697:3705(8) ack 2049 win 46
<nop,nop,timestamp 692424802 140003989> (DF) [tos 0x20] (ttl 53, id 16572, len 60)
07:04:02.365953 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 247: 91.189.88.37.80 >
172.21.55.17.48586: P 2630:2811(181) ack 2810 win 56 <nop,nop,timestamp
648837680 140003997> (DF) [tos 0x20] (ttl 53, id 32269, len 233)
07:04:02.369138 00:1c:23:e1:9c:b5 00:0c:31:ee:e4:a0 0800 250: 91.189.88.37.80 >
172.21.55.17.48586: P 2811:2995(184) ack 2810 win 56 <nop,nop,timestamp
648837680 140003997> (DF) [tos 0x20] (ttl 53, id 32270, len 236)
