On Thu, Oct 23, 2008 at 6:24 AM, <[EMAIL PROTECTED]> wrote: > Greetings list. > > I have a set of four load-balanced carp servers. Here are there > hostname.carp files: > > box1: inet 10.104.72.0 255.255.224.0 NONE carpdev em0 balancing ip-stealth > carpnodes 1:0,2:100,3:100,4:100 > > box2: inet 10.104.72.0 255.255.224.0 NONE carpdev em0 balancing ip-stealth > carpnodes 1:100,2:0,3:100,4:100 > > box3: inet 10.104.72.0 255.255.224.0 NONE carpdev em0 balancing ip-stealth > carpnodes 1:100,2:100,3:0,4:100 > > box4: inet 10.104.72.0 255.255.224.0 NONE carpdev em0 balancing ip-stealth > carpnodes 1:100,2:100,3:100,4:0 > > We notice that the first box (or whichever box holds vhid 1, advskew 0) > has the following route: > 10.104.72.0 10.104.72.0 UH 0 4 - carp0 > > Thus when box1 pings the carp IP, it responds to itself and none of the > other carp hosts sees the traffic.
Not sure about this. I would agree if with what you say if instead of carp0 you'd have lo0 in the entry. Having carp0 means the packet will be sent to the CARP interface for processing and hence over the network to the muticast MAC address of the CARP interface, where all nodes in the group will see it. > > This behavior is expected, and useful to us. > > The other three boxes however do not have this route, possessing instead > a route for the carp IP that points to em0: > 10.104.72.0 00:00:5e:00:01:01 UHLc 1 27000 - em0 > > When one of the other three boxes attempts to ping the carp IP all four > boxes sees the traffic and none of them responds. > > This behaviour is neither expected, nor useful to us. > > So my question is, what is carp thinking in this configuration? Am I > wrong to expect that all four load balanced carp hosts should contain a > local route to the carpdev for a shared carp IP? Why would > vhid1,advskew0 be different than the other three? I don't think CARP works they way you expect. For each incoming packet, and when using IP balancing, all nodes in the CARP group have to see the traffic (this is achieved by using a multicast MAC address). Even if it's one of the nodes pinging the CARP IP, this process will still apply (loopback processing should not be done). The nodes will apply a hash function to (source IP, destination IP) modulo 4 of the packet received on the CARP interface and the one that sees the result match its vhid will process the packet. Only one node will have the result of the previous function match its vhid when its master. > > Thanks in advance. > > --dave josephsen > > [demime 1.01d removed an attachment of type application/pgp-signature] > > -- http://www.felipe-alfaro.org/blog/disclaimer/
