In mode=1 the active interface sends traffic, but both interfaces accept 
incoming traffic. Hardware switches send broadcast/multicast/unknown 
destination MACs to all ports, including the passive interface. So packet sent 
from the active interface can be received back from the passive interface. 
FreeBSD CARP just would go mad when it receives its own packets.

I believe if you get Linux implementation, it will work well in the same 
network setup. I use keepalived in oVirt VMs with bonded network, and have no 
issues. 

-----Original Message-----
From: "Matt ." <yamakasi....@gmail.com>
Date: Wednesday 13 July 2016 at 15:54
To: Pavel Gashev <p...@acronis.com>, users <users@ovirt.org>
Subject: Re: [ovirt-users] CARP Fails on Bond mode=1

How can it lead into packet duplication when the passive should not be
active and only it's mac-address should be visible on the switch to
prevent confusion on the switch ?

For a VRRP setup on the switch there is no other option then mode=1 as
far as I know ?

2016-07-13 14:50 GMT+02:00 Pavel Gashev <p...@acronis.com>:
> I would say that bonding breaks CARP somehow. In example mode=1 can lead to 
> packet duplication, so pfsense can receive it's own packets. Try firewall in 
> pfsense all incomming packets that have the same source MAC address as 
> pfsense.
>
> -----Original Message-----
> From: "Matt ." <yamakasi....@gmail.com>
> Date: Wednesday 13 July 2016 at 15:29
> To: Pavel Gashev <p...@acronis.com>
> Subject: Re: [ovirt-users] CARP Fails on Bond mode=1
>
> Hi Pavel,
>
> No it's Pfsense, so FreeBSD.
>
> Is there something different there ?
>
>
>
> 2016-07-13 13:59 GMT+02:00 Pavel Gashev <p...@acronis.com>:
>> Matt,
>>
>> How is CARP implemented? Is it OpenBSD?
>>
>> -----Original Message-----
>> From: <users-boun...@ovirt.org> on behalf of "Matt ." 
>> <yamakasi....@gmail.com>
>> Date: Wednesday 13 July 2016 at 12:42
>> Cc: users <users@ovirt.org>
>> Subject: Re: [ovirt-users] CARP Fails on Bond mode=1
>>
>> Hi Pavel,
>>
>> This is done and used without the Bond before.
>>
>> Now I applied a bond it goes wrong and I'm searching but can't find a
>> thing about it.
>>
>>
>>
>> 2016-07-13 11:03 GMT+02:00 Pavel Gashev <p...@acronis.com>:
>>> Matt,
>>>
>>> In order to use CARP/VRRP in a VM you have to disable MAC spoofing 
>>> prevention.
>>> http://lists.ovirt.org/pipermail/users/2015-May/032839.html
>>>
>>> -----Original Message-----
>>> From: <users-boun...@ovirt.org> on behalf of "Matt ." 
>>> <yamakasi....@gmail.com>
>>> Date: Tuesday 12 July 2016 at 21:58
>>> To: users <users@ovirt.org>
>>> Subject: [ovirt-users] CARP Fails on Bond mode=1
>>>
>>> Hi guys,
>>>
>>> I have been testing bonding with a vm connected to the network on this
>>> bond mode=1 (vlans on top of it) where the vm uses a carp IP for
>>> failover.
>>>
>>> It seems that when the VM which holds the Carp IP and so is Master you
>>> can ping both IP's, so interface IP and Carp IP, but you cannot
>>> throw/route any traffic over it.
>>>
>>> You can route traffic over the interface IP of the Carp Slave.
>>>
>>> Is this known or just not possible ?
>>>
>>> I hope it's a "bug" :)
>>>
>>> Thanks,
>>>
>>> Matt
>>> _______________________________________________
>>> Users mailing list
>>> Users@ovirt.org
>>> http://lists.ovirt.org/mailman/listinfo/users
>>>
>>>
>> _______________________________________________
>> Users mailing list
>> Users@ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>>
>
>


_______________________________________________
Users mailing list
Users@ovirt.org
http://lists.ovirt.org/mailman/listinfo/users

Reply via email to