Re: Oddities with VLAN/CARP Interfaces on Primary/Failover Setup
Mike Sweetser - Adhost wrote: We currently have a primary/failover setup for two FreeBSD 6.3 servers running PF, and we're running into odd issues when setting up multiple subnets on a single VLAN and CARP interface. We have issues with them coming up properly, and even worse, having both servers believe they are master. If both instances think they're MASTER, make sure you're allowing the multicast traffic for syncing state (in ipfw): | allow carp from $partner to 224.0.0.18 in via $iface Carp is protocol 112 from /etc/protocols. Here's a snippet of one of the VLANs and CARP interfaces in question: ifconfig_vlan10=inet 10.142.255.252 netmask 255.255.0.0 vlan 10 vlandev em2 ifconfig_vlan10_alias0=inet 10.210.0.2 netmask 255.255.0.0 ifconfig_carp10=inet 10.142.255.254 netmask 255.255.0.0 vhid 10 advskew 0 pass testpass ifconfig_carp10_alias0=inet 10.210.0.1 netmask 255.255.0.0 The main difference between this and our other VLAN/CARP interfaces is that because it's separate subnets, the aliases here are set up with /16 netmasks, while the regular aliases on the others are set up with /32s. Is this correct, or should these also be set as /32s? It's correct. If you did a /32 on the alias, your system would have no way of knowing how large the second subnet is. The /32 netmask is for adding an alias on the same subnet. I'm not sure carp can work correctly with aliases. Have you tried creating a separate vhid instance per subnet? For example: | ifconfig_vlan10=inet 10.142.255.252 netmask 255.255.0.0 vlan 10 vlandev em2 | ifconfig_vlan10_alias0=inet 10.210.0.2 netmask 255.255.0.0 | ifconfig_carp10=inet 10.142.255.254 netmask 255.255.0.0 vhid 10 advskew | 0 pass testpass | ifconfig_carp11=inet 10.210.0.1 netmask 255.255.0.0 vhid 11 advskew | 0 pass testpass -- Chris Cowart Network Technical Lead Network Infrastructure Services, RSSP-IT UC Berkeley pgpqOoyOt5N1x.pgp Description: PGP signature
Oddities with VLAN/CARP Interfaces on Primary/Failover Setup
Hello: We currently have a primary/failover setup for two FreeBSD 6.3 servers running PF, and we're running into odd issues when setting up multiple subnets on a single VLAN and CARP interface. We have issues with them coming up properly, and even worse, having both servers believe they are master. Here's a snippet of one of the VLANs and CARP interfaces in question: ifconfig_vlan10=inet 10.142.255.252 netmask 255.255.0.0 vlan 10 vlandev em2 ifconfig_vlan10_alias0=inet 10.210.0.2 netmask 255.255.0.0 ifconfig_carp10=inet 10.142.255.254 netmask 255.255.0.0 vhid 10 advskew 0 pass testpass ifconfig_carp10_alias0=inet 10.210.0.1 netmask 255.255.0.0 The main difference between this and our other VLAN/CARP interfaces is that because it's separate subnets, the aliases here are set up with /16 netmasks, while the regular aliases on the others are set up with /32s. Is this correct, or should these also be set as /32s? Thanks, Mike Sweetser -- Mike Sweetser | Systems Administrator Adhost Internet 140 Fourth Avenue North, Suite 360, Seattle, Washington 98109 USA E [EMAIL PROTECTED]W adhost.com Our brand new Adhost West data center is open - contact us for a tour at 1-888-234-6781 (ADHOST-1) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
