Re: Can't get carp to fail over all interfaces with pfsync

On Wed, Nov 11, 2009 at 05:47:52PM +, Stuart Henderson wrote: On 2009-11-10, Daniel Ouellet dan...@presscom.net wrote: FW1 hostname.if files are: $ cat /etc/hostname.carp0 inet 192.168.167.54 255.255.255.248 192.168.167.55 vhid 1 advskew 0 pass password $ cat

Re: Can't get carp to fail over all interfaces with pfsync

On 2009-11-10, Daniel Ouellet dan...@presscom.net wrote: FW1 hostname.if files are: $ cat /etc/hostname.carp0 inet 192.168.167.54 255.255.255.248 192.168.167.55 vhid 1 advskew 0 pass password $ cat /etc/hostname.carp1 inet 192.168.110.254 255.255.255.224 192.168.110.255 vhid 1 advskew

Re: Can't get carp to fail over all interfaces with pfsync

On Tue, Nov 10, 2009 at 06:36:24PM +1100, Mikel Lindsaar wrote: On Tue, Nov 10, 2009 at 5:37 PM, Daniel Ouellet dan...@presscom.net wrote: FW1 hostname.if files are: $ cat /etc/hostname.carp0 inet 192.168.167.54 255.255.255.248 192.168.167.55 vhid 1 advskew 0 pass password $

Re: Can't get carp to fail over all interfaces with pfsync

On Tue, Nov 10, 2009 at 7:25 PM, Otto Moerbeek o...@drijf.net wrote: On Tue, Nov 10, 2009 at 06:36:24PM +1100, Mikel Lindsaar wrote: Shouldn't you run different vhid ID of carp on different carp instance. Here you have Carp0 and carp 1 both running with vhid 1, so how will the system

Re: Can't get carp to fail over all interfaces with pfsync

Hi, On Tue, 10.11.2009 at 19:53:40 +1100, Mikel Lindsaar raasd...@gmail.com wrote: To clarify, CARP is working in terms of redundancy, what does not seem to be working is the preempting of the primary firewall interfaces by the backup firewall should _one_ of the primary interfaces be taken

IGNORE: Re: Can't get carp to fail over all interfaces with pfsync

On Tue, 10.11.2009 at 13:58:26 +0100, Toni Mueller openbsd-m...@oeko.net wrote: Did you set the appropriate sysctl switch? net.inet.carp.preempt=1 Note to self: Don't write emails when not fully awake. -- Kind regards, --Toni++

Re: Can't get carp to fail over all interfaces with pfsync

On Tue, Nov 10, 2009 at 8:09 PM, Camiel Dobbelaar c...@sentia.nl wrote: To clarify, CARP is working in terms of redundancy, what does not seem to be working is the preempting of the primary firewall interfaces by the backup firewall should _one_ of the primary interfaces be taken off line

Can't get carp to fail over all interfaces with pfsync

Hi list, So googled, went through http://www.openbsd.org/faq/pf/carp.html a few times as well as the archives including one large thread which seemed to deal with this exact issue, but the solution was setting the VHID to the same on all carp interfaces (which I have already tried), and I can't

Re: Can't get carp to fail over all interfaces with pfsync

FW1 hostname.if files are: $ cat /etc/hostname.carp0 inet 192.168.167.54 255.255.255.248 192.168.167.55 vhid 1 advskew 0 pass password $ cat /etc/hostname.carp1 inet 192.168.110.254 255.255.255.224 192.168.110.255 vhid 1 advskew 0 pass password $ cat /etc/hostname.pfsync0 Shouldn't you run

Re: Can't get carp to fail over all interfaces with pfsync

On Tue, Nov 10, 2009 at 5:37 PM, Daniel Ouellet dan...@presscom.net wrote: FW1 hostname.if files are: $ cat /etc/hostname.carp0 inet 192.168.167.54 255.255.255.248 192.168.167.55 vhid 1 advskew 0 pass password $ cat /etc/hostname.carp1 inet 192.168.110.254 255.255.255.224