Re: More than 255 vhid's w/ CARP
It's true, but this can't solve any problems. In my case I have a /16 subnet and I need to nat every single IP to a different IP, for a total amount of about 400 IPs. Same subnet, same interface, redundant firewall with carp.

Is there another way to increase vhid limit?

On Aug 10, 2006 2:47 AM, Ryan McBride [EMAIL PROTECTED] wrote:
> On Wed, Aug 09, 2006 at 07:33:08PM -0400, Jason Dixon wrote:
> > Unless you're using more than 255 VLANs (unlikely), you don't need
> > that many vhids.
>
> Also, if the carp(4) devices are connected on different VLANs
> (distinct layer 2 segments), you can use the same vhid on multiple
> interfaces.
Re: More than 255 vhid's w/ CARP
On Wed, Dec 05, 2007 at 01:00:11PM +0100, SeDoFa wrote:
> It's true, but this can't solve any problems. In my case I have a /16
> subnet and I need to nat every single IP to a different IP, for a
> total amount of about 400 IPs. Same subnet, same interface, redundant
> firewall with carp.
>
> Is there another way to increase vhid limit?

You can't put multiple aliases on a single carp interface?

Either way, this is a pretty scary setup because both addresses and interfaces are managed in linked lists in many places within the kernel, so when you do hundreds of them, performance will suffer.

You may want to look at other ways you can modify your network architecture to make this possible - starting with routing the subnet to your firewall, so that you don't have to actually assign the addresses to an interface in order to nat to them.

-Ryan
More than 255 vhid's w/ CARP
Hi All,

We're setting up some VLAN routers using a pair of machines. We have a bunch of VLANs and we're using CARP to provide redundancy. Currently, there is a carpNNN interface built on top of every vlanNNN interface, which are themselves built on the actual ethernet interface.

We're using VLAN IDs as high as 1000. The CARP vhid's, however, can only go as high as 255 per ifconfig(8). Is there a way to increase this number to match the VLAN limit (4096, I believe)? Or, perhaps we're doing this wrong and we should be using the same vhid for every CARP interface?

Can somebody enlighten me?

thanks,

Chris
Re: More than 255 vhid's w/ CARP
On Aug 9, 2006, at 6:59 PM, Christopher Snell wrote:
> Hi All,
>
> We're setting up some VLAN routers using a pair of machines. We have
> a bunch of VLANs and we're using CARP to provide redundancy.
> Currently, there is a carpNNN interface built on top of every vlanNNN
> interface, which are themselves built on the actual ethernet
> interface.
>
> We're using VLAN IDs as high as 1000. The CARP vhid's, however, can
> only go as high as 255 per ifconfig(8). Is there a way to increase
> this number to match the VLAN limit (4096, I believe)? Or, perhaps
> we're doing this wrong and we should be using the same vhid for every
> CARP interface?
>
> Can somebody enlighten me?

Unless you're using more than 255 VLANs (unlikely), you don't need that many vhids. Your VLAN id's won't match your vhids, but they don't need to, even for readability. Use the description value (ifconfig(8)) or assign it to a named group. If you use a description in your VLAN, assign that value as your CARP interface description and group. Then you can simply refer to the group value when you're looking for an interface.

Example:

    # ifconfig carp5 group guest
    # ifconfig guest
    carp5: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
            description: GUEST
            carp: MASTER carpdev vlan5 vhid 205 advbase 1 advskew 0
            groups: carp guest
            inet 10.200.0.1 netmask 0xff00 broadcast 10.200.0.255

As far as the limit of 255 goes, you'll notice that the vhid is equal to the last octet of the virtual mac address for the CARP interface (can be seen by tcpdump'g CARP traffic on your vlan interface).

HTH.

--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net
Re: More than 255 vhid's w/ CARP
On Wed, Aug 09, 2006 at 07:33:08PM -0400, Jason Dixon wrote:
> Unless you're using more than 255 VLANs (unlikely), you don't need
> that many vhids.

Also, if the carp(4) devices are connected on different VLANs (distinct layer 2 segments), you can use the same vhid on multiple interfaces.
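
Added example, not part of the thread or of OpenBSD: a small audit of ifconfig output that ties together the two points above, that the vhid is the last octet of the virtual MAC and that a vhid only has to be unique within one layer 2 segment. It assumes each carpdev is its own segment; the function names are hypothetical, the sample output is constructed, and the 00:00:5e:00:01 prefix is CARP's fixed virtual MAC prefix, which the thread does not spell out.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the ifconfig output quoted in the thread.
# carp5 and carp6 share vhid 205 on different VLANs (fine); carp7 collides with carp5.
SAMPLE = """\
carp5: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        carp: MASTER carpdev vlan5 vhid 205 advbase 1 advskew 0
        inet 10.200.0.1 netmask 0xffffff00 broadcast 10.200.0.255
carp6: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        carp: MASTER carpdev vlan1000 vhid 205 advbase 1 advskew 0
        inet 10.201.0.1 netmask 0xffffff00 broadcast 10.201.0.255
carp7: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        carp: BACKUP carpdev vlan5 vhid 205 advbase 1 advskew 100
        inet 10.200.0.2 netmask 0xffffff00 broadcast 10.200.0.255
"""

IFACE_RE = re.compile(r"^(carp\d+):")
CARP_RE = re.compile(r"^\s+carp: \S+ carpdev (\S+) vhid (\d+)\b")

def parse_carp(text):
    """Return [(carp_if, carpdev, vhid)] parsed from ifconfig output."""
    entries, current = [], None
    for line in text.splitlines():
        m = IFACE_RE.match(line)
        if m:
            current = m.group(1)
            continue
        m = CARP_RE.match(line)
        if m and current:
            vhid = int(m.group(2))
            if not 1 <= vhid <= 255:  # one octet of the MAC, so 255 is the ceiling
                raise ValueError(f"{current}: vhid {vhid} outside 1-255")
            entries.append((current, m.group(1), vhid))
    return entries

def virtual_mac(vhid):
    """Virtual MAC for a vhid: fixed prefix, vhid as the last octet."""
    return f"00:00:5e:00:01:{vhid:02x}"

def vhid_conflicts(entries):
    """Map (carpdev, vhid) -> carp interfaces for pairs used more than once."""
    seen = defaultdict(list)
    for carp_if, carpdev, vhid in entries:
        seen[(carpdev, vhid)].append(carp_if)
    return {key: ifs for key, ifs in seen.items() if len(ifs) > 1}
```

Reuse of vhid 205 on vlan5 and vlan1000 is not reported; only the second use on vlan5 is.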