Re: 2 carp devices for same IP on same host (with 2 nics)
pcn2 : 10.1.1.11 pcn3 : 10.1.1.12 # cat /etc/hostname.carp1 inet 10.1.1.1 255.255.255.0 10.1.1.255 vhid 2 carpdev pcn2 advskew 0 # cat /etc/hostname.carp2 inet 10.1.1.1 255.255.255.0 10.1.1.255 vhid 2 carpdev pcn3 advskew 10 When I start the network, carp1 gets MASTER role but carp2 is on INIT state and not backup. I've checked /etc/pf.conf and it's ok. Problem is that carp2 never gets MASTER when I take down pcn2... I have never tried the setup you are proposing, but something doesn't seem right. Shouldn't both NICs belong to the same carp1? What happens if you try: # cat /etc/hostname.carp1 inet 10.1.1.1 255.255.255.0 10.1.1.255 vhid 2 carpdev pcn2 advskew 0 inet 10.1.1.1 255.255.255.0 10.1.1.255 vhid 2 carpdev pcn3 advskew 10 _ Going green? See the top 12 foods to eat organic. http://green.msn.com/galleries/photos/photos.aspx?gid=164ocid=T003MSN51N1653 A
Re: 2 carp devices for same IP on same host (with 2 nics)
What's the point behind this setup ? It doesn't make any sense! John Well, it makes some sort of sense for me (but as I'm no expert, could be a sweet dream :) ) so it's best I try to share what I'm looking for : There are 2 level of firewalls : 1st with fw1 fw2 protects from internet and manages DMZ 2nd with ifw1 ifw2 manages inter-vlan filtering I'd like to achive high availability accross these 2 levels, without the need for a switch between, hence the four red cables. To be precise, it's also because I want to be able to unplug ifw1 (which leads ifw2 to take over) without having fw2 taking over fw1 (which would be the case if I'd only have one nic toward the inside on fw1) . Therefore, if you unplug the link between ifw1 and fw1 (pcn2), pcn3 on fw1 should be elected as master and talk to the new master on the other side. So, have I changed your mind about it ? Best regards, -- Mikael Kermorgant
Re: 2 carp devices for same IP on same host (with 2 nics)
On Mon, Apr 14, 2008 at 11:16 PM, Tom Geman [EMAIL PROTECTED] wrote: Problem is that carp2 never gets MASTER when I take down pcn2... I have never tried the setup you are proposing, but something doesn't seem right. Shouldn't both NICs belong to the same carp1? What happens if you try: # cat /etc/hostname.carp1 inet 10.1.1.1 255.255.255.0 10.1.1.255 vhid 2 carpdev pcn2 advskew 0 inet 10.1.1.1 255.255.255.0 10.1.1.255 vhid 2 carpdev pcn3 advskew 10 Thanks, I can't try right now but I hope I'll be able tomorrow. Anyway, it could be that my problem is related to the preempt option. The man page I should have looked at before posting says this : For firewalls and routers with multiple interfaces, it is desirable to failover all of the carp interfaces together, when one of the physical interfaces goes down. This is achieved by the preempt option. Enable it on both host A and B So when I take pcn2 down, preemt probably takes all carp devices down, including the one that should become MASTER... If your solution does not work, I thought I'd try a failover trunking of pcn2 and pcn3, giving some trunk0 interface I could associate with a single carp device. I'll keep this updated asap. Best regards, -- Mikael Kermorgant
