Understanding the interplay of ipfw, vlan, and carp
Bruce M. Simpson
bms at FreeBSD.org
Thu Jun 5 06:39:59 UTC 2008
Peter Jeremy wrote:
> Note that one downside of your carpdev patches is that (AFAIK) it is
> no longer possible to identify which host sent the packet: The source
> and destination MAC addresses, as well as the destination IP address
> are all defined by CARP. Once you change the source IP address to be
> the shared address there's nothing to identify which host sent it.
>
If you really, really wanted to, you could write code to prepend the
original IP or MAC as an experimental IP option. Options less than <0x80
are not forwarded in IP fragments.
I can understand why you'd want to do this (debugging springs to mind),
though it does go against the gist of what carp is and does.
Also, there is compatibility to keep in mind, and it's entirely possible
that the presence of a new and unknown IP option is going to break
implementations which don't parse IP option headers correctly, or
trigger other unwanted behaviour ("I don't know what this IP option is
therefore I will drop it").
More information about the freebsd-net
mailing list