CARP and VRRP incompatible on the same network segment?

[Zack Lawson]

Hey everyone,

I am having an issue where CARP interfaces on the same network segment
as VRRP interfaces (on our ISP's routers) are causing the CARP
interfaces to malfunction.

I also get the following errors in /var/log/messages:

/bsd: carp: received len 8  36 on carp2
last message repeated 3005 times

When nating through this carp interface, I get packet loss up to 45%.
When using the same IP, but through a non-carp interface, I no problems
whatsoever.

Anyone have any ideas? Should CARP and VRRP be able to function on the
same network segment?

-- 
Zack Lawson
Network Administrator @ [EMAIL PROTECTED], Inc.
707 Broadway, Suite 1000
San Diego, CA 92101
(619) 814-1999 (voice), x 155
(619) 994-6622 (cell)
(619) 814-1998 (fax)
www.interactivate.com

***This message is intended only for the use of the Addressee and may
contain information that is PRIVILEGED and CONFIDENTIAL. If you are not
the intended recipient, dissemination of this communication is
prohibited. If you have received this communication in error, please
erase all copies of the message and its attachments and notify us
immediately.***

Re: no scrub reassemble tcp from foo to bar

[jared r r spiegel]

On Tue, Oct 18, 2005 at 11:50:41AM -0400, Jon Hart wrote:

 What I'd like is to disable scrub's tcp reassembly on per
 host/port/protol basis, something along the lines of:
 
scrub all no-df random-id fragment reassemble reassemble tcp
no scrub inet proto tcp from any to $SAN_NET port 3260 reassemble tcp 
 
 I'll bring up a test system to see if this is possible, but my question
 is will this get me what I want?  I want to do full scrubbing on all of
 my traffic except I don't want to do tcp reassembly on port 3260/tcp for
 a specific host.

  flip the order, no scrub first (normalization is like translation,
  first match).

  other than that, looks fine.

-- 

  jared

[ openbsd 3.8 GENERIC ( oct 15 ) // i386 ]