carp and rtadvd

[Mark Felder]

On Jan 28, 2014, at 7:07, Ole Myhre <ole at dataoppdrag.no> wrote:

> Hi,
> 
> I have a simple setup with two 10.0-RELEASE firewalls running carp, a
> virtual IPv6 address and running rtadvd:
> 
> (applied to both firewalls)
> 
> # kldload carp
> # ifconfig em2 inet6 2001:db8::1/64 vhid 1 up
> # sysctl net.inet6.ip6.forwarding=1
> # echo 'rtadvd_enable="YES"' >> /etc/rc.conf
> # echo 'rtadvd_interfaces="em2"' >> /etc/rc.conf
> # service rtadvd start
> 
> This works fine, one firewall is MASTER, the other BACKUP and the
> clients behind em2 gets a prefix in the 2001:db8::/64 subnet. However
> both firewalls are sending router advertisements (only one being MASTER)
> with the LL-address of the physical em2 interface as the gateway. This
> causes clients that supports multiple default gateways to select both
> firewalls as their default gateway, and sending traffic to both the
> MASTER and BACKUP firewall.
> 
> Is there a way to make only the MASTER send router advertisements or
> (preferably only the MASTER) sending router advertisements with a
> virtual LL-address?
> 

What I would do is use devd to start/stop the rtadvd service based on whether or not you're master.


# notify 30 {
#         match "system"          "IFNET";
#         match "subsystem"       "carp0";
#         match "type"            "LINK_UP";
#         action "/path/to/script/or/command";
# };
#  
# notify 30 {
#         match "system"          "IFNET";
#         match "subsystem"       "carp0";
#         match "type"            "LINK_DOWN";
#         action "/path/to/script/or/command";
# };