Re: RES: Cant setup carp as BACKUP

2009-05-12 Thread Chris Cowart
Ricardo Augusto de Souza wrote:
 Anyone know how do i 'force' a carp to be backup?
 I set a advskew higher than the master but it comes up as master.

Is there a host-based or network-based firewall blocking the carp
protocol? 

In ipfw, you would need:

/sbin/ipfw add allow carp from $SOME_IP to 224.0.0.18 in via $SOME_INT

For me:

| ccowart wifi-aux-1 / $ ifconfig vlan91
| vlan91: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST metric 0 
mtu 1500
| options=3RXCSUM,TXCSUM
| ether 00:1d:09:29:a7:f5
| inet 10.9.64.2 netmask 0xf000 broadcast 10.9.79.255
| media: Ethernet autoselect (1000baseTX full-duplex)
| status: active
| vlan: 91 parent interface: bce1
| ccowart wifi-aux-1 / $ ifconfig carp11 
| carp11: flags=49UP,LOOPBACK,RUNNING metric 0 mtu 1500
| inet 10.9.64.1 netmask 0x 
| carp: BACKUP vhid 11 advbase 1 advskew 100
| ccowart wifi-aux-1 / $ ifconfig carp21
| carp21: flags=49UP,LOOPBACK,RUNNING metric 0 mtu 1500
| inet 10.9.64.1 netmask 0x 
| carp: MASTER vhid 21 advbase 1 advskew 0
| ccowart wifi-aux-1 / $ sudo tcpdump -i vlan91 proto carp
| tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
| listening on vlan91, link-type EN10MB (Ethernet), capture size 96 bytes
| 14:06:36.009984 IP 10.9.64.3  VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 
|   11, prio 0, authtype none, intvl 1s, length 36
| 14:06:36.143937 IP 10.9.64.2  VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 
|   21, prio 0, authtype none, intvl 1s, length 36
| 14:06:37.012025 IP 10.9.64.3  VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 
|   11, prio 0, authtype none, intvl 1s, length 36
| 14:06:37.146003 IP 10.9.64.2  VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 
|   21, prio 0, authtype none, intvl 1s, length 36

Use tcpdump on your parent interfaces to see if you're seeing the
multicast traffic. Make sure your firewalls allow this traffic.

-- 
Chris Cowart
Network Technical Lead
Network  Infrastructure Services, RSSP-IT
UC Berkeley


pgpemncxpua5v.pgp
Description: PGP signature


RES: Cant setup carp as BACKUP

2009-05-11 Thread Ricardo Augusto de Souza
Anyone know how do i 'force' a carp to be backup?
I set a advskew higher than the master but it comes up as master.
;(

-Mensagem original-
De: owner-freebsd-questi...@freebsd.org 
[mailto:owner-freebsd-questi...@freebsd.org] Em nome de Ricardo Augusto de Souza
Enviada em: segunda-feira, 11 de maio de 2009 10:46
Para: freebsd-questions@freebsd.org
Assunto: Cant setup carp as BACKUP

Hi,

i have 2 servers running FreeBSD 7.1 on IBM 3550.
I configured 2 carp: internal and external carps.

Internal carp is working fine, but external one are MASTER on both servers.

Trinity# cat rc.conf|grep carp
cloned_interfaces=carp0 carp1
ifconfig_carp1=up 10.100.0.119/24 vhid 2 pass fw_cmt123
ifconfig_carp2=up 200.143.111.113/28 vhid 1 pass fw_cmt123
#


carp1: flags=49UP,LOOPBACK,RUNNING metric 0 mtu 1500
inet 10.100.0.119 netmask 0xff00
carp: MASTER vhid 2 advbase 1 advskew 0
ng1: flags=88d1UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST metric 0 mtu 
1460
inet 172.16.0.1 -- 172.16.0.2 netmask 0x
carp2: flags=49UP,LOOPBACK,RUNNING metric 0 mtu 1500
inet 200.143.111.113 netmask 0xfff0
carp: MASTER vhid 1 advbase 1 advskew 0


Ajax# cat rc.conf |grep carp
cloned_interfaces=carp0 carp1
#ifconfig_carp0=up 200.143.111.113/28 vhid 1 advskew 100 pass fw_cmt123
ifconfig_carp2=vhid 1 advskew 100 pass fw_cmt123 200.143.111.113/28
ifconfig_carp1=up 10.100.0.119/24 vhid 2 advskew 100 pass fw_cmt123
Ajax#

carp1: flags=49UP,LOOPBACK,RUNNING metric 0 mtu 1500
inet 10.100.0.119 netmask 0xff00
carp: BACKUP vhid 2 advbase 1 advskew 100
carp2: flags=49UP,LOOPBACK,RUNNING metric 0 mtu 1500
inet 200.143.111.113 netmask 0xfff0
carp: MASTER vhid 1 advbase 1 advskew 100
Ajax#

How do i set carp2 on Ajax to be BACKUP?

AT this configuration,  most packets to 200.143.111.113 are going to Trinity 
and some going to Ajax.

Thanks


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org