carp on bridge interface: INIT

alexander lunyov sol289 at gmail.com
Wed Oct 5 17:40:14 UTC 2011 

On Wed, Oct 5, 2011 at 9:53 AM, alexander lunyov <sol289 at gmail.com> wrote:
> I need to make work a scheme like this:
>
> http://i.imgur.com/1xsXX.png
>
> So, i have 3 servers: in, out1 and out2; out1 and out2 plugged into
> one switched environment, so they can see each other on layer 2, which
> is bad for me, because they can make a switching loop in some case.
>
> out1 and out2 connects with openvpn to "in" in bridged configuration,
> tap interfaces have no addresses.
>
> Then i make bridge interfaces on all servers and adding only tap0
> interfaces to bridge0 on each server, make each bridge0 interface
> configured with address from 10.0.0.0/24 subnet. On this moment
> everything is working and servers pinging each other 10.0.0.0/24
> address.
>
> Then i want to make carp work on out1 and out2 on bridge0-tap0 pair,
> but if i config carp0 interface to work in 10.0.0.0/24 subnet, it
> stays in INIT state forever - so this is my first question - why carp
> won't work on bridge0-tap0 interface?
>
> If i bridge tap0 and em0 interfaces on out1 and out2, then carp on
> both servers get into MASTER state, i get switching loop and when i
> use tcpdump on bridge0 interfaces (-i bridge0 net 10.0.0.0/24), on
> out1 i see ONLY vrrp advertisements from out2 (no advertisements from
> out1), on out2 bridge0 i see ONLY advertisements from out1, and on
> "in" bridge0 i see advertisements from both servers, and nothing is
> working.
>
> So, here's the second question - how to make things work in this case?
> STP? But how to configure it, what interfaces put into STP? And will
> my precious carp work with STP?
>
>
> Thank you for your attention.

i create carp0 interface with commands:

/sbin/ifconfig carp0 create
/sbin/ifconfig carp0 vhid 1 advskew 10 pass jkbsvdreg 10.0.0.10/24

/sbin/sysctl net.inet.carp.preempt=1
/sbin/sysctl net.inet.carp.drop_echoed=1


then i see in log:

Oct  5 17:11:49 220 kernel: bridge0: promiscuous mode enabled

carp interface is:

carp0: flags=8<LOOPBACK> metric 0 mtu 1500
        inet 10.0.0.10 netmask 0xffffff00
        carp: INIT vhid 1 advbase 1 advskew 10

if i do "ifconfig carp0 up" i see this error in /var/log/messages:

Oct  5 17:15:13 220 kernel: ifa_add_loopback_route: insertion failed

and carp interface become up

carp0: flags=9<UP,LOOPBACK> metric 0 mtu 1500
        inet 10.0.0.10 netmask 0xffffff00
        carp: INIT vhid 1 advbase 1 advskew 10


And beside this i don't see any carp log messages.

here's sysctls:

# sysctl -a | grep carp
net.inet.ip.same_prefix_carp_only: 0
net.inet.carp.allow: 1
net.inet.carp.preempt: 1
net.inet.carp.log: 2
net.inet.carp.arpbalance: 0
net.inet.carp.drop_echoed: 1
net.inet.carp.suppress_preempt: 1

system is 8.2-R

Interfaces on out1/2

em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC>
        ether 00:25:90:06:a7:ee
        inet x.x.x.220 netmask 0xffffff00 broadcast x.x.x.255
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
em1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric
0 mtu 1500
        options=2098<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC>
        ether 00:25:90:06:a7:ef
        media: Ethernet autoselect
        status: no carrier
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=3<RXCSUM,TXCSUM>
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet6 ::1 prefixlen 128
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
tap0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST>
metric 0 mtu 1500
        options=80000<LINKSTATE>
        ether 00:bd:39:50:01:00
        Opened by PID 1521
bridge0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST>
metric 0 mtu 1500
        ether 56:7e:c1:dc:ff:2f
        inet 10.0.0.20 netmask 0xff000000 broadcast 10.255.255.255
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: tap0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 4 priority 128 path cost 2000000
carp0: flags=8<LOOPBACK> metric 0 mtu 1500
        inet 10.0.0.10 netmask 0xffffff00
        carp: INIT vhid 1 advbase 1 advskew 10




--
your sweet isn't ready yet


>
> --
> your sweet isn't ready yet
>

More information about the freebsd-net mailing list