Re: [pfSense Support] CARP IP/Hyper-V/Hyper-V R2

Tue, 16 Nov 2010 10:22:58 -0800 

On 10-11-16 12:19 PM, Dimitri Rodis wrote:


On 10-11-15 09:22 PM, Dimitri Rodis wrote:


I recently migrated a pfSense virtual machine (version 1.2.2) that was 
running flawlessly on Hyper-V (first release) with 2 additional CARP 
IP addresses on the WAN interface for about 16 months. Over the 
weekend, I migrated that virtual machine over to a Hyper-V R2 machine, 
and all was well except that the 2 additional CARP IPs do not respond 
to traffic (although traffic to/from/in/out of the WAN's actual IP 
works fine). After rebooting nearly every piece of equipment between 
the servers and the ISP, the only thing that made the CARP IPs work 
again was migrating the virtual machine back to the original Hyper-V 
(non-R2) host.



Any ideas on why CARP IPs wouldn't work on Hyper-V R2? Is there 
something since 1.2.2 that might change this?


Thanks,

Dimitri Rodis

Integrita Systems LLC

http://www.integritasystems.com


I do not know a lot about Hyper-v but in VMWare for instance you can 
block frames with 'faked' mac-addresses. Probably you hit the same 
problem as CARP-packets have MAC-addresses 'not real' but specifically 
crafted. Weird thing though in your e-mail is that you mention only 
one virtual machine... do you use CARP-IPs with one pfSense? if yes 
then why would you need such set up?


Evgeny.


I have several public IPs from the ISP, and need to use each of them 
for different purposes (SSL/TCP-443 for different sites & services). I 
use CARP addresses for the rest of the IPs I've been given---then if I 
get the opportunity to add redundancy, they are already set up that 
way. Obviously the point is that the additional CARP addresses don't 
seem to function at all when pfSense is run under Hyper-V R2 as 
opposed to Hyper-V R1, and I am hoping to resolve that issue so that 
the old server can be formatted and upgraded and added to the 
cluster.. FWIW, both hosts are Dell PowerEdge 2900s **identically** 
configured, with the only exception currently being the of the amount 
of RAM,



It should be pretty easy to check. Under Hyper-V R2 do tcpdump and see 
whether packets with CARP IPs leave your virtual machine and physical 
host. And if you do not see them coming out of physical interface then 
this question should be addressed to Hyper-V community.


Evgeny.






















					Reply via email to