Hi all,
I'm having some trouble with a two-node CARP setup.
Configuration:
HostA
/etc/hostname.em0
inet XXX.XXX.XXX.196 255.255.255.244 XXX.XXX.XXX.223 \
media 100baseTX mediaopt full-duplex description External
/etc/hostname.em1
inet 192.168.10.2 255.255.255.0 192.168.10.255 \
media 100baseTX mediaopt full-duplex description Internal
/etc/hostname.em2
inet 10.10.10.1 255.255.255.0 10.10.10.255 \
media 100baseTX mediaopt full-duplex description pfsync
/etc/hostname.pfsync0
up syncdev em2
/etc/hostname.carp0
inet XXX.XXX.XXX.198 255.255.255.224 XXX.XXX.XXX.223 vhid 1 pass foo
inet alias XXX.XXX.XXX.199 255.255.255.224 NONE
inet alias XXX.XXX.XXX.200 255.255.255.224 NONE
inet alias XXX.XXX.XXX.201 255.255.255.224 NONE
inet alias XXX.XXX.XXX.202 255.255.255.224 NONE
inet alias XXX.XXX.XXX.203 255.255.255.224 NONE
/etc/hostname.carp1
inet 192.168.10.1 255.255.255.0 192.168.10.255 vhid 2 pass bar
$ cat /etc/sysctl.conf | grep -v '^#'
net.inet.ip.forwarding=1 # 1=Permit forwarding (routing) of IPv4 packets
net.inet.carp.preempt=1 # 1=Enable carp(4) preemption
HostB
Almost the same, but using XXX.XXX.XXX.197 on em0 and 192.168.10.3 on
em1 and 10.10.10.2 on em2 and the carp interfaces have advskew 100
configured so the box is BACKUP
Now the problem:
I can reach XXX.XXX.XXX.196 and all configured aliases without trouble.
I can ssh in, relayd relays are working fine and all. If the box goes
down or looses connection the second box takes over and everyone is
happy.
BUT, I cannot reach XXX.XXX.XXX.197 when HostB is in backup state.
My suspicion is that this is a routing issue. Looking at the output of
route -n show:
HostA:
$ route -n show -inet
Routing tables
Internet:
Destination Gateway Flags Refs Use Mtu Prio
Iface
default XXX.XXX.XXX.193 UGS 9 53475499 - 48
carp0
10.10.10/24 link#3 UC 1 0 - 48
em2
10.10.10.2 00:15:17:95:c4:43 UHLc 0 1207 - 48
em2
XXX.XXX.XXX.192/27 link#6 UC 21 0 - 48
carp0
XXX.XXX.XXX.193 00:00:5e:00:01:0c UHLc 1 0 - 48
carp0
XXX.XXX.XXX.194 00:17:cb:ab:81:fe UHLc 0 0 - 48
carp0
XXX.XXX.XXX.195 00:19:e2:0c:31:fe UHLc 0 0 - 48
carp0
XXX.XXX.XXX.196 00:15:17:9f:3d:88 UHLc 0 3 - 48
lo0
XXX.XXX.XXX.196/30 link#1 UC 1 0 - 48
em0
XXX.XXX.XXX.198 XXX.XXX.XXX.198 UH 0 5 - 48
carp0
XXX.XXX.XXX.199 XXX.XXX.XXX.199 UH 0 3 - 48
carp0
XXX.XXX.XXX.200 00:00:5e:00:01:01 UHLc 0 6 - 48
lo0
XXX.XXX.XXX.201 00:00:5e:00:01:01 UHLc 0 5 - 48
lo0
XXX.XXX.XXX.202 00:00:5e:00:01:01 UHLc 0 8 - 48
lo0
HostB:
$ route -n show -inet
Routing tables
Internet:
Destination Gateway Flags Refs Use Mtu Prio
Iface
default XXX.XXX.XXX.193 UGS 0 190387 - 48
carp0
10.10.10/24 link#3 UC 1 0 - 48
em2
10.10.10.1 00:15:17:95:c2:b6 UHLc 0 565 - 48
em2
XXX.XXX.XXX.192/27 link#6 UC 1 0 - 48
carp0
XXX.XXX.XXX.193 link#6 UHLc 1 0 - 48
carp0
XXX.XXX.XXX.196/30 link#1 UC 0 0 - 48
em0
Any pointers to get this setup correctly so I can reach the addresses on
the physical interfaces of both boxen, no matter in what CARP state they
are ?
--
Michiel van Baak
[email protected]
http://michiel.vanbaak.eu
GnuPG key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x71C946BD
"Why is it drug addicts and computer aficionados are both called users?"
