Am Thu, 09 Oct 2008 19:45:01 -0700
schrieb Brian <[EMAIL PROTECTED]>:
> Hello,
>
> After much reading of man pages, FAQs and googling, I have come up
> against a dead end. I have a dual redundant CARP setup on 2 sparc64
> boxes running 4.3, with an Ovislink OV303 ADSL bridge for internet
> connectivity. All ports are connected to the bridge with a procurve
> 1800-24g semi-intelligent switch.
> The problems are that the multicast CARP packets are getting
> forwarded over the bridge and running up my very limited bandwidth
> cap (which, of course, is no one's problem but my own) and more
> importantly is causing my ADSL connection to be dropped every 10-15
> minutes. The tech at the ISP diagnosed the problem, and I wouldn't
> have believed it if I hadn't verified the behaviour myself. As soon
> as I disable CARP on the external interface and the CARP announce
> packets stop, the connection stays up for days. With CARP running, I
> would sometimes be down for hours, with the ADSL connection going up
> for a second, and dropping right away. I tried to do multicast
> filtering on the ADSL port, but my switch isn't intelligent enough,
> and the ADSL device won't filter in bridge mode. The only thing I
> could think to do is to put the 2 CARP ports on a seperate VLAN and
> route the CARP multicast packets through that, but my attempts to use
> pf to rdr the multicast packets to a separate vlan0 interface have
> not been successful. Is there a magical way to resolve my situation
> without buying a more expensive switch? I thought it would be worth
> asking before shutting up and hacking together a possibly stupid VLAN
> tagging solution in ip_carp. Thanks for your patience.
>
> -Brian Marshall
>
Hi Brian,
did You try to avoid multicast by setting up the carppeers directly?
See man ifconfig:
carppeer peer_address
If the driver is a carp(4) pseudo-device, send the carp adver-
tisements to a specified point-to-point peer or multicast group
instead of sending the messages to the default carp multicast
group. The peer_address is the IP address of the other host
tak-
ing part in the carp cluster. With this option, carp(4) traffic
can be protected using ipsec(4) and it may be desired in
networks
that do not allow or have problems with IPv4 multicast traffic.
Regards Uwe
[demime 1.01d removed an attachment of type application/pgp-signature which had
a name of signature.asc]
