Hi,
OpenBSD 4.2 stable patched to Feb 27, 2008
I've two firewalls with carp failover between them.
One is configured with the carp interfaces having an
advskew of 100, so that machine is normally the backup.
Something happened and the backup has become the master,
and the master has a demotion counter of 1 on the
carp group.
I imagine that rebooting would fix things, but what's
going on?
FWIW, this happened around the time of the nightly fs
backup. Occasionally at this time the backup machine
momentarily becomes the master. I'm presuming that
this is because the network link is saturated
enough to mess with the carp protocol.
On a related note, the ifstated daemon on the backup
firewall did not pick up on the fact that it became
master. Appended is the configuration. Should I
discuss this problem on the openbsd misc list or
is it related to my demotion counter problem?
Thanks for the help.
Karl <[EMAIL PROTECTED]>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
# /etc/ifstatd.conf
#
# The whole idea here is that we want 3 things:
# 1) to be emailed when interfaces go up and down
# 2) to record whether we're running as master, and
# 3) we want to ensure that DHCP runs only on the master firewall.
# (Because there's no way to sync dhcp state between
# two servers we could get conflicts if both servers ran dhcp.)
# net.inet.carp.preempt must be enabled (set to 1) for this to work
correctly.
master_up = "(carp0.link.up && carp1.link.up && carp2.link.up &&
carp3.link.up)"
master_down = "(!carp0.link.up) && (!carp1.link.up) && (!carp2.link.up)
&& (!carp3.link.up)"
master_sync = "!((carp0.link.up && carp1.link.up && carp2.link.up &&
carp3.link.up) || ((!carp0.link.up) && (!carp1.link.up) &&
(!carp2.link.up) && (!carp3.link.up)))"
init-state in_startup
state in_startup {
# initial startup state
run "/usr/local/sbin/yellboot"
run "rm -f /var/mirror_system/bootnote"
if $master_up
set-state in_master
if $master_down
set-state in_backup
}
state in_sync {
# state for when we're neither all master or all backup.
if $master_up {
run "/usr/local/bin/wail 'sync attained, got master'"
set-state in_master
}
if $master_down {
run "/usr/local/bin/wail 'sync attained, in backup'"
set-state in_backup
}
}
state in_master {
init {
# Note that we're now in master state
run "touch /var/mirror_system/am_master"
# Tell dhcp it's the master
run "/usr/sbin/dhcpd sis2"
}
if $master_down || $master_sync {
# Note that we're no longer in master state
run "rm /var/mirror_system/am_master"
# Have dhcp stop running
run "pkill dhcpd"
# Tell the sysadm our current state.
if $master_down {
run "/usr/local/bin/wail 'lost master, in backup'"
set-state in_backup
}
if $master_sync {
run "/usr/local/bin/wail 'lost master, trying to sync'"
set-state in_sync
}
}
}
state in_backup {
if $master_up {
run "/usr/local/bin/wail 'out of backup, got master'"
set-state in_master
}
if $master_sync {
run "/usr/local/bin/wail 'out of backup, trying to sync'"
set-state in_sync
}
}
